09/26/2024 | Press release | Distributed by Public on 09/26/2024 11:13
Dynatrace integrates with AWS Elastic Container Registry (ECR) to enable visibility, orchestration, and prioritization of cross-container-registry vulnerability findings. This integration provides a single pane of glass for container image scans of your containerized applications and is part of a larger effort to enrich vulnerability findings with runtime context.
In complex multicloud environments, vulnerability findings are often siloed between build-time and run-time tooling. Thus, getting a holistic view of security risks is challenging.
Dynatrace addresses this issue by providing unified ingest and analysis of container vulnerability findings across cloud and container registries. This ensures that SecDevOps has a continuous and comprehensive understanding of its security posture.
In addition, security findings detected during the build phase and in your artifact registries, such as AWS ECR, might not be relevant to your production-critical applications. By enriching findings with runtime context from the monitored entities, Dynatrace helps filter out the noise, prioritize critical findings, and focus your remediation efforts on what truly matters for your production environment.
AWS ECR scans container images for vulnerabilities. You can choose between basic and enhanced scanning.
The vulnerability findings are pushed into the Dynatrace platform through AWS EventBridge via the dedicated security ingest endpoint powered by OpenPipeline™. You can set it up using an AWS CloudFormation template provided by Dynatrace. For instructions, see the documentation.
The ingested data is mapped according to the Dynatrace Semantic Dictionary, ensuring a unified format for analysis.
Once the findings are ingested, you can visualize, analyze, and automate in Dynatrace with Dashboards, Notebooks, and Workflows.
Once security findings and scan events are ingested into Dynatrace Grail™, you can analyze them and perform automation tasks, leveraging the uniform data format.
AWS ECR ingested data can be consumed as follows:
Explore individual use cases in Dynatrace Documentation:
Visit Dynatrace Documentation and get started setting up your AWS ECR data integration.
Explore the AWS ECR integration in Dynatrace Hub.