Automate your application security to protect your crown jewels

In today’s high-risk cyber environment, being alerted to security vulnerabilities in your critical applications and infrastructure is not enough – enhanced automation is critical. This allows you know in Realtime how seriously to take a threat; in a format all stakeholders can understand, so they can take out the guesswork and move quickly.  

Avocado helps you automate your application security with Dynatrace and our specialist knowledge –  solving any use case, fully automated, without boundaries!

In this article, we highlight a recent example of how we utilised Dynatrace with our enhanced automation and dashboarding functionality for a complex organisation to greatly reduce the number of alerts and predict high-level alerts.  The result was that Application Service Owners, Security Operations Centre owners, Environment Owners could all understand the exact source of their vulnerabilities, while filtering low-level threat noise – so they could focus on the threats that matter most.    

This use case is useful for our clients with complex operating and high-risk environments – such as our high-profile government and financial services clients. It has enabled them to solve two key issues:  

• Overcoming alert overload in their environments by having the ability to prioritise and act quickly – ensuring they protect their crown jewels   
• Going beyond knowing that there is an issue, but also how and where vulnerabilities occur so they can pin-point the exact security issue. 

Organisations operating in complex operating and high-risk environments can now understand and act in Realtime with Dynatrace automated application security and enhanced dashboarding to prioritise their risks. 

How it works

Typically, where an application is running, Dynatrace continuously checks for vulnerabilities and provides a CVSS, in Realtime.  It assesses the application and provides a score for that vulnerability known as a DSS.  

We found, while greater visibility of issues was achieved, our clients operating in complex environments experienced alert overload. They needed to be able to prioritise their constant alerts and visualise them more readily, so that key decision makers could also understand the environment whilst end users could prioritise and act quickly to issues. 

Avocado provided a solution to extend the Dynatrace capability by building automation to further enhance its functionality, linked to a dashboard. With the addition of alerts, pointing clients directly to the vulnerability and having it on a Dashboard for end users to understand clients could always have their “finger on the pulse.” 

In addition to the capabilities of Dynatrace the following functions built by Avocado, are performed based on the DSS score.  

Solution we developed for our client: 

Our solution has varying triggers and actions which are activated depending on the score: 

1. If a DSS is higher than 7  
2. Sends more frequent alerts on impact/issues to business decision makers 
3. Highlight issues on a Dashboard in Realtime  
4. If a DSS is higher than 9 and any attacks has been confirmed  
5. Close the service  
6. Notify service owner. 

 The result for our client 

1. Ability to understand their environment with respect to a vulnerability instance not just the overall “you’re impacted”  
2. It put the focus on the security issues that really mattered, removed the guesswork of knowing where the vulnerabilities were and when to respond and escalate appropriately 
3. Provided Realtime discovery, alerting and displaying of issues on an Avocado created dashboard that’s accessible across all users to identify which issues require actioning 
4. With Automation in place to take action based on the DSS score, we reduced manual repetitive tasks, eliminated human error and gained efficiencies across the business 

  Our Experience – Automate your application security

Avocado has worked extensively with a major Australian Government department to implement Application Security Automation, including Tool Consolidation & Automation using Dynatrace on Crown Jewel applications and associated infrastructure.  

Avocado has developed both custom and reusable automation along with operational methodologies by using Dynatrace. This combination of code and process was deployed to make triage, prioritisation and neutralisation of vulnerability threats faster and easier.  

Read more about our Application Monitoring Services, or contact our team to discuss how we can help you focus on the threats that matter most.