WALTHAM, Mass., January 14, 2021 – Software intelligence company Dynatrace (NYSE: DT) announced today that its Application Security Module now directly links the vulnerabilities it identifies in real time in production and pre-production environments to the Snyk Intel database of open source vulnerabilities to facilitate faster and easier remediation by developers.
Dynatrace® Application Security, the newest module in Dynatrace’s all-in-one Software Intelligence Platform, is optimized for Kubernetes architectures and DevSecOps approaches. With always-on runtime application security analysis and automatic AI data-flow-analysis, Dynatrace provides risk-weighted prioritization of vulnerabilities, dramatically improving production visibility and protection. Linking Dynatrace to Snyk’s industry-leading vulnerability database closes the delivery lifecycle loop, easing remediation for developers, and helping ensure business-critical applications and digital services are protected 24/7.
“A smart and successful DevSecOps program not only discovers and remediates vulnerabilities early in the development lifecycle, but also leverages code consumption behavior in production to prioritize issues to fix,” said Peter McKay at Snyk CEO. “Dynatrace pinpoints if vulnerability code is called in production applications and links Snyk vulnerability intelligence to make it much easier for developers to understand the severity and frequency of vulnerabilities. Combined with Snyk, this is the optimal way to prioritize fixes quickly and efficiently to enhance the overall security posture of cloud native apps.”
“Organizations are looking for accelerated digital transformation and increased confidence their clouds and applications are secure. This isn’t possible if teams leave security to manual and static processes while suffering false-positive fatigue,” said Bernd Greifeneder, Founder and CTO at Dynatrace. “We built the Dynatrace platform to provide continuous automation and intelligence for dynamic, cloud-native environments. Extending it to application security, and enabling production detection in dynamic environments, was a natural step.”