Dynatrace Inc., known in the fields of unified observability and security, recently announced its new Security Analytics solution. Integrated within the Dynatrace platform, this solution is designed to enhance an organization’s defense against threats in hybrid and multicloud setups.

The offering uses Davis AI, combining predictive and causal AI technologies, to provide security analysts with insights and contextual data. This feature aids in prioritizing and investigating potential threats and vulnerabilities, leaning toward more proactive cybersecurity.

Security Analytics works in tandem with Dynatrace’s AutomationEngine. This integration facilitates the development of automation and workflows that assist analysts in gauging the severity of attacks, pinpointing indicators of compromise, or IOCs, and initiating appropriate responses. By blending Davis AI’s hypermodal AI capabilities with automation, security analysts can address emerging cyberthreats, aiming to strengthen the overarching security framework.

It’s worth noting that security analysts often face challenges with traditional systems, which might involve disjointed tools and manual processes. Such limitations can lead to overlooked alerts and increased risks for organizations. Although conventional security information and event management or SIEM solutions use log data to identify IOCs, they sometimes miss out on providing the necessary context.

Dynatrace’s Security Analytics seems to offer a solution to this by presenting context-rich answers, using logs, metrics, traces and topology as resources. This integrated approach intends to help in the identification and investigation of intricate threats that might not be evident from simple log analysis.

Within the broader umbrella of Dynatrace’s application security offerings, Security Analytics also includes runtime vulnerability analytics and runtime application protection. The first aims to detect and prioritize vulnerabilities in real-time, particularly those that make their way into production environments, while the latter focuses on recognizing and countering standard application threats.

Steve Tack, senior vice president of product management at Dynatrace, discussed the importance of being proactive in the face of evolving cyberthreats. He also highlighted how Security Analytics offers analysts the tools to efficiently address and respond to incidents.

Analysis

Dynatrace’s data modeling appears to be evolving, becoming more comprehensive in the context of AI’s growth. Its methodology, spanning both observability and security, integrates a range of modeling techniques.

Such integration is expected to enhance the user experience in the security domain by streamlining both the extraction of insights and actionable steps. This move seems to be in line with their hypermodal AI concept, driven by Davis AI’s predictive and causal features, to understand the implications in security incidents better.

The proposed introduction of generative AI might address certain skill gaps within platform engineering teams, particularly as developers are handed more security-related tasks. Merging causal and predictive AI does seem to offer more than just surface-level analytics.

How these models adapt, especially with a diverse set of customers, remains a point of interest. However, the potential to safeguard personally identifiable information and to learn and act upon it could be significant, especially as adversaries employ AI to enhance their tactics.

As organizations adopt zero-trust frameworks, platforms that incorporate multi-layered AI solutions, such as Dynatrace’s offering, could be instrumental in safeguarding their assets.

Image: TheDigitalArtist/Pixabay