CloudDevelopersDevSecOpsFeaturedLet's TalkOpen SourceSecurityVideo

Dynatrace Report Reveals Only 4% Of CISOs Have Visibility Into Vulnerabilities In A Runtime Environment


Dynatrace has released the findings from its 2022 CISO Report. Application security continues to be the fastest growing attack surface for most companies with CISOs facing a number of challenges. 

The application landscape is changing rapidly, not just from a development perspective or from a monitoring and reliability perspective, but also in terms of application security. In this episode of TFiR Let’s Talk, Swapnil Bhartiya sits down with Amit Shah, Director of Product Marketing at Dynatrace, to discuss the changes seen in the security landscape with this increasingly quick pace of digital transformation. Shah takes a deep dive into the key findings from the Dynatrace 2022 CISO Report and also shares insights into the challenges CISOs (chief information security officers) are facing.

In addition, he shares his tips for securing applications and how Dynatrace’s application security solution is helping people navigate these security complexities.

Key highlights of this video interview are:

  • Dynatrace aims to deliver answers and intelligent automation from data in order to enable secure and flawless transactions. The company primarily focuses on cloud applications, although it covers most types of applications. Shah gives an introduction to the company and what areas of the observability segment it covers.
  • The Dynatrace report aims to uncover the current state of application security from a CISO’s perspective, understanding how application vulnerabilities are being managed and the challenges CISOs are facing. Shah explains that it is a relatively new concern, which is now the fastest growing attack surface for most companies.
  • Securing the software supply chain continues to be a big concern since most modern applications’ code is made up of 80% open source components with new vulnerabilities being discovered all the time. Shah explains why the traditional method of finding vulnerabilities is not effective and the repercussions of this approach.
  • Shah shares some of the more surprising findings from the CISO report, of which probably the most shocking was that only 4% of CISOs have visibility into vulnerabilities in a runtime environment.
  • Finding security talent is at an all-time level of difficulty and it is difficult for CISOs to find the manpower to tackle application vulnerabilities. In light of this, technology is being used to bridge this barrier and take the heat of the skill shortage. Shah shares how technology solutions like Dynatrace’s are being used to tackle these problems.
  • Shah goes into depth about Dynatrace’s application security solution and its unique approach to securing cloud-native workloads, explaining how the runtime vulnerability analysis works. He also explains the DevSecOps automation solution and how it is helping automate handoffs between security, development, and back.
  • Dynatrace’s mission is to provide answers from data. Shah explains how their David AI engine provides true criticality of any given vulnerability by looking at where it is in the topology of the application. Shah discusses how this process helps users get to the answers and not just the data.

Snapshot of key findings from the CISO report from the video interview:

  • 67% of CISOs say the developing teams do not have enough time to scan for vulnerabilities before any release or fix is moved into production.
  • Less than half of CISOs that were surveyed in the report were confident all Log4Shell vulnerabilities were fully eradicated.
  • 75% of CISOs are worried that too many application vulnerabilities are leading to production despite taking a multilayer approach.
  • 69% of CISOs feel that vulnerability management has become more difficult with digital transformation.
  • 4% of CISOs have real-time visibility into vulnerabilities in a runtime environment.

Connect with Amit Shah (LinkedIn)

Learn more about Dynatrace (Twitter)

The summary of the show is written by Emily Nicholls.

Read Transcript

Don't miss out great stories, subscribe to our newsletter.

Adoption Of Industry-Specific Clouds Is Increasing But Challenges Still Remain | Danny Allan

Previous article

Snowplow, Databricks Help Data Teams Make Accurate Predictions With AI-Ready Data

Next article
Login/Sign up