Article
In this blog post
● The growing need for the convergence of observability and security
● How application security teams benefit from the convergence of observability and security
● Gartner ranked Dynatrace No. 1 for Security Operations Use Case (4.46/5)
● Want to learn more?
In the 2023 Magic Quadrant for Application Performance Monitoring (APM) and Observability, Gartner has named Dynatrace a Leader and positioned it highest for Ability to Execute and furthest for Completeness of Vision. Also, Dynatrace ranked #1 across all six Use Cases in the 2023 Gartner® Critical Capabilities for APM and Observability report, including the recently introduced Security Operations Use Case (4.46/5).
For Dynatrace customers, relying on traditional scan-based application security tools alone can leave the front door unlocked for attackers. As a result, organizations lack the needed runtime context for prioritization. Observability and security solutions powered by rich data context and intelligent automation are necessary to provide runtime context and close these gaps. Development, security, and operations teams can use these tools to gain actionable insights and, therefore, better defend against critical threats to cloud applications.
The growing need for the convergence of observability and security
With the increased adoption of cloud and hybrid infrastructure to support digital transformation, observability is a prerequisite for success and growth. Solutions that bring together security and observability help businesses improve customer experience by detecting anomalous application behavior, shortening incident remediation time, and forecasting critical future issues.
Solutions that bring together observability and security provide unique insights into application runtimes that security teams have traditionally lacked. Organizations that were early adopters of such solutions found them invaluable when Log4Shell was discovered in December 2021, knowing within minutes not only if they were affected but also the criticality of the breach.
However, most organizations still have an opportunity to adopt such solutions to address emerging threats and vulnerabilities. Further, endemic vulnerabilities such as Log4Shell tend to re-emerge; in fact, Log4Shell remains the most exploited application vulnerability to date. The urgency to better manage application vulnerabilities is higher than ever. In 2023 web applications are the most attacked asset, exploited in more than 60% of breaches.
How application security teams benefit from the convergence of observability and security
The convergence of observability and security can enhance an application security team’s ability to not only detect and prioritize vulnerability risks, but also effectively respond to threats. Organizations will be better positioned to improve their security posture by focusing on what matters, protecting against attacks on vulnerabilities while they are being resolved, effectively hunting for threats, and automating response to incidents.
The convergence of observability and security empowers security operations by providing a more comprehensive, real-time view of an organization’s application environment and security posture. Given the increasing velocity of software application releases, configuration changes, and integrations, the adoption of observability and security tools is vital.
With visibility across the full application stack, security operations will benefit from improved threat detection, faster incident response, a holistic view of environments, proactive threat hunting, context-rich investigations, data-driven decision making, automation and orchestration, and reduced alert fatigue. Moreover, this holistic approach enhances threat detection, incident response, and proactive security measures, ultimately strengthening an organization’s overall cybersecurity posture.
Gartner ranked Dynatrace No. 1 for Security Operations Use Case (4.46/5)
According to Gartner, “A Critical Capabilities document is a comparative analysis that scores competing products or services against a set of critical differentiators identified by Gartner. It shows you which products or services are a best fit in various use cases to provide you actionable advice on which products/services you should add to your vendor shortlists for further evaluation.”1 Not only that, Dynatrace scored highest for Use Cases across the board, including the IT Operations (4.15/5), SRE (Site Reliability Engineering)/Platform Operations (4.08/5), DevOps/AppDev (4.08/5), and Application Owner/Line of Business (4.01/5) Use Cases.
According to the Gartner report, “Application vulnerabilities are responsible for many of the high-profile breaches and intrusions that receive news coverage and are damaging to the reputation and health of the affected organizations. The trace telemetry that APM and observability solutions collect to monitor performance includes valuable security signals as well. Although implementations are nascent, the security capabilities of APM and observability tools have proved to be valuable. The Log4Shell incident in late 2021, in which a longstanding, but recently discovered, vulnerability was being widely and actively exploited, was an outstanding proving ground.”
From our perspective, Dynatrace platform differentiators such as Dynatrace Grail, OneAgent, and Smartscape enable customers to extend their observability investment with application security use cases at the flip of a switch. By leveraging Dynatrace capabilities like Runtime Vulnerability Analytics, Runtime Application Protection, AI-assisted prioritization, and AutomationEngine, customers can improve the effectiveness of their DevSecOps processes while boosting productivity. Not only that, with Security Analytics customers can execute lightning-fast queries across large volumes of observability and security data and automate response by creating data-driven workflows.
Want to learn more?
If you are interested in the Dynatrace platform, please contact us at moc.hcetokab%40ecartanyd
Gartner disclaimer
Gartner Research Methodologies, “Critical Capabilities”, 11 September 2023. https://www.gartner.com/en/research/methodologies/research-methodologies-gartner-critical-capabilities/
Gartner, Magic Quadrant for Application Performance Monitoring and Observability, Gregg Siegfried, Mrudula Bangera, Matt Crossley, Padraig Byrne, 5 July 2023.
Gartner, Critical Capabilities for Application Performance Monitoring and Observability, Mrudula Bangera, Padraig Byrne, Matt Crossley, Gregg Siegfried, 10 July 2023. Out of the 6 Use Cases identified in the Critical Capabilities report, Dynatrace was one of the vendors to score highest in these Use Cases.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and MAGIC QUADRANT is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose