Dynatrace App Security 2026: AI-Powered RASP

Name: Dynatrace
Availability: OnlineOnly

Dynatrace Application Security is a runtime protection module built into the Dynatrace observability platform. It uses the same OneAgent that handles APM to detect vulnerabilities and block attacks in running applications. No separate security agent needed.

Dynatrace vulnerability prioritization dashboard showing risk assessment across applications

Davis AI correlates security findings with performance data, topology maps, and runtime context to prioritize vulnerabilities based on actual exposure rather than theoretical severity scores.

Feature	Details
Platform	Dynatrace Software Intelligence Platform
Agent	OneAgent (shared with APM)
Languages	Java, .NET, Node.js, PHP, Go
Detection	Runtime vulnerability detection + attack blocking
AI Engine	Davis AI for risk prioritization
Deployment	SaaS, Managed, On-premises
Compliance	CIS, NIST, DORA mapping
Attack types	SQLi, command injection, JNDI (Log4Shell), path traversal
Container support	Kubernetes, OpenShift, ECS

What is Dynatrace Application Security?

Dynatrace Application Security uses the same OneAgent technology that powers performance monitoring to detect security issues in running applications. One agent handles APM, infrastructure monitoring, and security. No separate deployment.

The platform continuously monitors application code, third-party libraries, container images, and Kubernetes configurations for known vulnerabilities. When it finds something, Davis AI checks whether the vulnerable component is actually reachable at runtime and exposed to the internet, then adjusts the priority accordingly.

Beyond detection, Dynatrace can block attacks in real time. SQL injection, command injection, JNDI injection (the Log4Shell vector), and path traversal attacks are caught and stopped at the application layer.

Davis AI Prioritization

Correlates security findings with topology, runtime context, and actual exposure. A critical CVE in a library that is loaded but never called gets deprioritized.

One that sits in a public-facing code path gets flagged immediately.

OneAgent Architecture

Single agent for APM, infrastructure monitoring, and security. Deploy once, get vulnerability detection and attack blocking alongside performance data. No additional agents or network appliances.

Runtime Attack Blocking

Detects and blocks SQL injection, command injection, JNDI injection (Log4Shell), and path traversal at the application runtime level. Works inside the process, not at the network perimeter.

Dynatrace threat and exploit detection dashboard showing blocked attacks

APM + Security in One Agent

Dynatrace is one of the few platforms where security and observability share the same agent and data model. Security teams see the full distributed trace when investigating an attack.

DevOps teams see vulnerability context when deploying. Both work from the same dashboard.

Key Features

Runtime Vulnerability Detection

Dynatrace continuously monitors for vulnerabilities in:

Application code
Third-party libraries and dependencies
Container images
Kubernetes configurations

Attack Detection and Protection

The platform detects and blocks common attack types:

SQL injection
Command injection
JNDI injection (Log4Shell)
Path traversal attacks

Compliance Mapping

Continuous compliance monitoring with mappings to CIS benchmarks, NIST frameworks, and DORA requirements. Automated evidence collection for audit preparation.

Getting Started

Deploy OneAgent — Install OneAgent on your hosts or Kubernetes clusters. The agent auto-discovers applications and starts monitoring immediately.

Application Security is a module you enable in the Dynatrace UI.

Enable Application Security — Turn on the Runtime Vulnerability Analytics and Runtime Application Protection modules in your Dynatrace environment settings.

Configure protection rules — Set attack blocking policies for your applications. Choose between monitoring mode (detect and alert) and blocking mode (detect and prevent) per application or environment.

Review findings — Check the Security Overview for prioritized vulnerabilities. Davis AI shows which issues are reachable, exposed, and worth fixing first.

Start with Monitoring Mode

Enable attack detection in monitoring mode first. Review the findings to understand your baseline before switching to blocking mode. This prevents false positives from disrupting production traffic.

Integrations

DevOps & CI/CD

Jenkins

GitLab

Azure DevOps

Operations & Security

Splunk

ServiceNow

Jira

Container Platforms

Kubernetes

Amazon ECS

When to Use Dynatrace

Dynatrace Application Security fits organizations that already use or plan to adopt Dynatrace for observability. If you want APM and security in one agent with AI-driven prioritization, this is the play.

It is less suited for teams that want standalone RASP without an observability platform, or organizations looking for a free or open-source option. Dynatrace is an enterprise platform with enterprise pricing.

Frequently Asked Questions

What is Dynatrace Application Security?

Dynatrace Application Security is a runtime protection module within the Dynatrace observability platform that combines APM with vulnerability detection and attack blocking.

Is Dynatrace Application Security free or commercial?

Dynatrace Application Security is a commercial module available as part of the broader Dynatrace platform subscription.

How does Dynatrace protect applications at runtime?

It uses OneAgent technology to automatically instrument applications, detecting vulnerabilities in code, libraries, and containers while blocking attacks like SQL injection and command injection.

Does Dynatrace block attacks automatically?

Yes. Dynatrace can detect and block common attack types including SQL injection, command injection, JNDI injection (Log4Shell), and path traversal attacks.

How does Dynatrace's Davis AI help with security?

Davis AI correlates security events with performance data, prioritizes vulnerabilities based on actual runtime exposure, and reduces false positives through context-aware analysis.