Combined AI techniques help search for cyber threats in real time and respond to incidents. Dynatrace introduces Security Analytics. The new platform solution helps companies better protect themselves against threats to their hybrid and multicloud environments.
Dynatrace Security Analytics leverages Davis AI, which combines predictive and causal AI techniques to deliver precise answers and the data context analysts need to prioritize and verify threats and vulnerabilities. Later this year, Security Analytics will include generative AI capabilities, expanding Davis AI's hypermodal AI offerings.
Proactive defense with hypermodal AI
Security Analytics already uses the Dynatrace AutomationEngine to create automations and workflows. Analysts can use these to assess the impact of an attack, find indicators of compromise (IOC) or automatically trigger a response. The combination of Davis hypermodal AI, accurate, contextual responses and intelligent automation allows security analysts to proactively defend against emerging cyber threats. This, in turn, strengthens the company's cyber security defenses and overall security posture.
Often, teams rely on traditional security information and event management (SIEM) solutions that monitor log data to find IOCs. However, this data lacks critical context, such as underlying cloud infrastructure and application topology, that can help narrow the scope of an analysis. Without this context, it is difficult to use SIEM solutions to accelerate an investigation or identify and mitigate cyber threats.
Detect and identify hidden threats
Dynatrace Security Analytics meets these needs by enriching responses and automation with logs, metrics, traces and topology while maintaining data context. This allows teams to identify and investigate threats that are impossible to detect using logs alone. Additionally, Security Analytics complements other Dynatrace application security features. This includes:
- Runtime vulnerability analysis that enables real-time detection and prioritization of vulnerabilities that have penetrated production environments.
- Runtime application protection that detects and blocks common application attacks such as SQL injection, command injection and JNDI attacks.
About Dynatrace
Dynatrace ensures that software works perfectly worldwide. Our unified software intelligence platform combines broad and deep observability and continuous run-time application security with the most advanced AIOps to deliver answers and intelligent automation from data at remarkable scale. This enables organizations to modernize and automate cloud operations, deliver software faster and more securely, and ensure flawless digital experiences.