How are environmental characteristics accounted for when analysing vulnerabilities?

In the previous blog, we looked at the simple steps to enable Application Security in Dynatrace. In this article, we will look at how the AI accounts for the environmental characteristics of a given vulnerability to accurately rate its risk level.

With Application Security enabled and configured, Dynatrace reports vulnerabilities while analysing additional contextual information such as exposure to the internet, access to sensitive data (databases), etc. Needless to say, this is in addition to the Infrastructure, Application and Real User Monitoring that Dynatrace already provides.

Below is a screenshot of the Application Security Overview page.

By clicking on the View all vulnerabilities button, you would see all the vulnerabilities. You can even filter the vulnerabilities seen on a specific host. In the below example, I have looked up vulnerabilities on a specific host based on the hostname.

Let's take a look into the vulnerability. You may want to open the image in a new tab to see it in full screen.

The above screenshot shows information not just about the vulnerability but, most importantly, it tells me that:

- there may or may not be public exposure (covered more accurately in the next sections),
- the vulnerability is not affecting any sensitive data, and
- the vulnerable functions are not in use.

Dynatrace has calculated a Davis Security Score (DSS) for this vulnerability, which is an enhanced risk-calculation score based on the industry-standard Common Vulnerability Scoring System (CVSS).

DSS is more accurate: Davis doesn't assume the worst-case scenario. Instead, Davis adapts the characteristics of the vulnerability to your particular environment, taking into consideration its structure and topology, and advises you as to which elements are prone to errors and how to handle security issues. Because Davis AI also considers parameters like public internet exposure and checks to see if and where sensitive data is affected, DSS is the most precise risk-assessment score available.

DSS makes you more efficient: By including additional parameters in its analysis, Davis can more precisely calculate the security score and predict the potential risk of a vulnerability to your environment. With Davis AI, you can find out if the affected entity is reachable from the Internet and if there is any data stored in reach of an affected entity. By reducing the score of vulnerabilities that are, in fact, not critical for your environment, you gain time to focus on the real issues and fix them faster.

On the same Linux machine, I installed a Java application that used the infamous Log4j library for logging. Within no time, I see Dynatrace detected and rated the vulnerability as critical.

Note in the below screenshot that Davis has marked the vulnerability with symbols to indicate that it has access to sensitive data and that there is known malicious code that exploits this vulnerability.

Note that this time, we see that this vulnerability has the sensitive data assets symbol enabled and it has a critical DSS score.

Same vulnerability but varying DSS depending on exposure and sensitivity

Why does the same vulnerability have different DSS scores? Although the CVSS score for the vulnerability is 9.8, DSS doesn't assume the worst-case scenario and does a true assessment. The table below shows how DSS provides an accurate assessment of the Log4j vulnerability based on the environment of the affected system.

In the next section, I will show you what each of the scenarios looks like and how you could use DSS for precise risk assessment.