Dynatrace deploys RASP through the same OneAgent used for APM, covering Java, .NET, Node.js, PHP, and Go without separate agents.
Davis AI reprioritizes vulnerabilities based on actual production exposure, not just CVSS scores alone.
Runtime vulnerability detection and zero-day attack protection run within the application process for real-time blocking.
Maps to CIS, NIST, and DORA compliance frameworks with automated vulnerability ticketing to downstream systems.
Dynatrace Application Security is a runtime protection module built into the Dynatrace observability platform. It uses the same OneAgent that handles APM to detect vulnerabilities and block attacks in running applications. No separate security agent needed.
Davis AI correlates security findings with performance data, topology maps, and runtime context to prioritize vulnerabilities based on actual exposure rather than theoretical severity scores.
Dynatrace Application Security uses the same OneAgent technology that powers performance monitoring to detect security issues in running applications. One agent handles APM, infrastructure monitoring, and security. No separate deployment.
The platform continuously monitors application code, third-party libraries, container images, and Kubernetes configurations for known vulnerabilities. When it finds something, Davis AI checks whether the vulnerable component is actually reachable at runtime and exposed to the internet, then adjusts the priority accordingly.
Beyond detection, Dynatrace can block attacks in real time. SQL injection, command injection, JNDI injection (the Log4Shell vector), and path traversal attacks are caught and stopped at the application layer.
Davis AI Prioritization
Correlates security findings with topology, runtime context, and actual exposure. A critical CVE in a library that is loaded but never called gets deprioritized. One that sits in a public-facing code path gets flagged immediately.
OneAgent Architecture
Single agent for APM, infrastructure monitoring, and security. Deploy once, get vulnerability detection and attack blocking alongside performance data. No additional agents or network appliances.
Runtime Attack Blocking
Detects and blocks SQL injection, command injection, JNDI injection (Log4Shell), and path traversal at the application runtime level. Works inside the process, not at the network perimeter.
APM + Security in One Agent
Dynatrace is one of the few platforms where security and observability share the same agent and data model. Security teams see the full distributed trace when investigating an attack. DevOps teams see vulnerability context when deploying. Both work from the same dashboard.
Key Features
Runtime Vulnerability Detection
Dynatrace continuously monitors for vulnerabilities in:
Application code
Third-party libraries and dependencies
Container images
Kubernetes configurations
Attack Detection and Protection
The platform detects and blocks common attack types:
SQL injection
Command injection
JNDI injection (Log4Shell)
Path traversal attacks
Compliance Mapping
Continuous compliance monitoring with mappings to CIS benchmarks, NIST frameworks, and DORA requirements. Automated evidence collection for audit preparation.
Getting Started
1
Deploy OneAgent — Install OneAgent on your hosts or Kubernetes clusters. The agent auto-discovers applications and starts monitoring immediately. Application Security is a module you enable in the Dynatrace UI.
2
Enable Application Security — Turn on the Runtime Vulnerability Analytics and Runtime Application Protection modules in your Dynatrace environment settings.
3
Configure protection rules — Set attack blocking policies for your applications. Choose between monitoring mode (detect and alert) and blocking mode (detect and prevent) per application or environment.
4
Review findings — Check the Security Overview for prioritized vulnerabilities. Davis AI shows which issues are reachable, exposed, and worth fixing first.
Start with Monitoring Mode
Enable attack detection in monitoring mode first. Review the findings to understand your baseline before switching to blocking mode. This prevents false positives from disrupting production traffic.
Integrations
DevOps & CI/CD
Jenkins
GitLab
Azure DevOps
Operations & Security
Splunk
ServiceNow
Jira
Container Platforms
Kubernetes
Amazon ECS
When to Use Dynatrace
Dynatrace Application Security fits organizations that already use or plan to adopt Dynatrace for observability. If you want APM and security in one agent with AI-driven prioritization, this is the play.
It is less suited for teams that want standalone RASP without an observability platform, or organizations looking for a free or open-source option. Dynatrace is an enterprise platform with enterprise pricing.
Frequently Asked Questions
What is Dynatrace Application Security?
Dynatrace Application Security is a runtime protection module within the Dynatrace observability platform that combines APM with vulnerability detection and attack blocking.
Is Dynatrace Application Security free or commercial?
Dynatrace Application Security is a commercial module available as part of the broader Dynatrace platform subscription.
How does Dynatrace protect applications at runtime?
It uses OneAgent technology to automatically instrument applications, detecting vulnerabilities in code, libraries, and containers while blocking attacks like SQL injection and command injection.
Does Dynatrace block attacks automatically?
Yes. Dynatrace can detect and block common attack types including SQL injection, command injection, JNDI injection (Log4Shell), and path traversal attacks.
How does Dynatrace's Davis AI help with security?
Davis AI correlates security events with performance data, prioritizes vulnerabilities based on actual runtime exposure, and reduces false positives through context-aware analysis.
Jenkins
GitLab
Azure DevOps
Splunk
ServiceNow
Jira
Kubernetes
Amazon ECS
