Instant, automated, and fully contextualized vulnerability assessments enable organizations to release software faster without sacrificing security
Software intelligence company Dynatrace announced its platform now includes security gates, enabling DevSecOps teams to automatically assess each new software release to ensure only secure code moves through the delivery pipeline. Just as Dynatrace® quality gates have allowed development, DevOps, and SRE teams to ensure code meets their service-level objectives (SLOs), Dynatrace security gates, powered by the platform’s automatic and intelligent observability, now help these teams assure code is secure as it progresses from preproduction to production.
“The primary drivers for adopting DevSecOps are to improve the overall application security posture by identifying security issues earlier in the software development lifecycle (SDLC), without impacting the velocity of DevOps teams.”
According to IDC, “The primary drivers for adopting DevSecOps are to improve the overall application security posture by identifying security issues earlier in the software development lifecycle (SDLC), without impacting the velocity of DevOps teams.”1 The importance of unifying observability, automation, intelligence, and security within development processes is underscored by additional research, which reveals more than a quarter of CISOs say development teams sometimes bypass vulnerability scans to speed up software delivery.
The Dynatrace® platform enables teams to precisely identify vulnerabilities found in cloud-native workloads and applications across the SDLC, while also prioritizing these vulnerabilities based on the risk they pose to the business. In addition, the AI and automation capabilities at the core of the platform help orchestrate application development processes at scale, including automating code tests and quality checks against an organization’s SLOs. With this latest enhancement, customers can now leverage Dynatrace’s automation and intelligence, along with the extensive observability data that is already flowing through the platform, to automatically detect, assess, and manage vulnerabilities in real time, and with greater accuracy than traditional security tests that operate on static code.
“As organizations accelerate their pace of innovation with cloud-native technologies, they are increasingly integrating security into software development workflows,” said Steve Tack, SVP of Product Management at Dynatrace. “A DevSecOps approach elevates security as a shared responsibility throughout the entire software development lifecycle, yet manual processes slow progress. With this release, Dynatrace is incorporating application security into software development as a continuous, automated process that matches the rapid release pace required in modern cloud transformation. This ensures organizations can release software with speed and security, and at scale, while freeing time for development, DevOps, and SRE teams to focus on what matters most – driving innovation and business value.”