Highlights:

  • Unlike traditional SIEMs, Dynatrace’s Security Analytics provides contextual insights using logs, metrics, traces, and topology.
  • Dynatrace’s evolving data modeling integrates diverse techniques in observability and security, adapting to AI’s expansion.

Dynatrace Inc., a leader in unified observability and security, announced the release of its new Security Analytics solution. This solution, which is integrated within the Dynatrace platform, is intended to improve an organization’s defense against attacks in hybrid and multicloud environments.

Davis AI, which combines predictive and causal AI technologies, is used in the offering to provide security analysts with insights and contextual data. This feature aids in the prioritization and investigation of potential threats and vulnerabilities, resulting in more proactive cybersecurity.

Security Analytics is used in conjunction with Dynatrace’s AutomationEngine. This integration enables the creation of automation and workflows that aid analysts in determining the severity of attacks, identifying indicators of compromise (IOCs), and initiating appropriate responses. Security analysts can address emerging cyberthreats by combining Davis AI’s hypermodal AI capabilities with automation to strengthen the overall security framework.

It’s worth noting that security analysts frequently face difficulties with traditional systems, which may include disparate tools and manual processes. Such constraints can result in missed alerts and increased risks for organizations. Although traditional security information and event management (SIEM) solutions use log data to identify IOCs, they frequently fail to provide the required context.

Dynatrace’s Security Analytics offers a remedy by delivering answers rich in context, drawing from logs, metrics, traces, and topology. This integrated approach aims to aid in the identification and investigation of complex threats that may be missed by simple log analysis.

Security Analytics is part of Dynatrace’s application security offerings, including runtime vulnerability analytics and runtime application protection. The former seeks to detect and prioritize real-time vulnerabilities, particularly those that make their way into production environments, whereas the latter focuses on recognizing and countering standard application threats.

Steve Tack, Dynatrace’s Senior Vice President of product management, spoke about the importance of being proactive in the face of evolving cyberthreats. He also emphasized how Security Analytics provides analysts with the tools they need to address and respond to incidents effectively.

Analysis

In the context of AI’s growth, Dynatrace’s data modeling appears to be evolving and becoming more comprehensive. Its methodology, which covers both observability and security, incorporates varied modeling techniques.

This type of integration is expected to improve the user experience in the security domain by streamlining the extraction of insights as well as actionable steps. This approach appears to be consistent with the company’s hypermodal AI concept, which is propelled by Davis AI’s predictive and causal capabilities in order to better comprehend the implications of security incidents.

The proposed use of generative AI may help to fill skill gaps within platform engineering teams, especially as developers are given more security-related tasks. Combining causal and predictive AI appears to provide more than just surface-level analytics.

It will be interesting to see how these models adapt, especially with such diverse customers. However, the potential for protecting personally identifiable information and learning and acting on it could be significant, especially as adversaries use AI to improve their tactics.

As organizations adopt zero-trust frameworks, platforms like Dynatrace’s, with multi-layered AI solutions, could prove valuable for safeguarding their assets.