During the annual Perform event in Las Vegas, Dynatrace announced a fleet of updates. The company has ambitions in both security and observability, which the new capabilities underscore all the more.
The innovations in brief, before we delve into them further on, are as follows: additional AIOps features to stay safe and optimize resource usage via Davis AI, new Cloud Security Posture Management options, and a set of observability features for developers to foster shift-left.
On top of that, Dynatrace is preparing organizations for DORA, the EU regulation intended to make financial institutions more cyber-resilient. Finally, the company is driving secure AI deployments with a host of LLM guardrail tools, the option to trace AI data usage via Dynatrace Grail, and resources to make RAG and agentic behavior traceable.
AIOps: preventive enablement
We’ve known about Dynatrace’s Davis AI for some time. This AI service predicts anomalies in applications and independently analyzes observability and security data. Davis AI can also be approached as a copilot for help with queries, notebooks, and dashboards. Over the next three months, Dynatrace’s updates will make Davis AI even more decisive, offering summaries, remediation steps, and potential best practices.
The goal of these new capabilities is to enable organizations to act preventively for their AI security rather than reactively. Dynatrace emphasizes that the immense costs of downtime motivate businesses to avoid issues as much as possible. This extends beyond security alone. For instance, automatic remediation workflows also help dynamically adjust the resources allocated to Kubernetes deployments. Whether more or fewer resources are needed, Dynatrace can make the change. This is possible by generating artifacts— a recreation of developer best practices, in other words.
According to Dynatrace, the combination of these two improvements makes their solution a tool that prevents rather than reacts. “The shift from reactive to preventive operations represents the next evolution in AIOps,” says Bernd Greifeneder, CTO at Dynatrace. “With further additions to our advanced AI capabilities, we believe Dynatrace is cementing its leadership as an intelligent, problem-solving partner for our global enterprise customers. By combining precise contextual data with advanced AI capabilities, we’re enabling organizations to become truly proactive. This is not just about earlier detection of problems or faster resolution—it’s about preventing problems from occurring in the first place.”
Observability for Developers: shift left after all
While Davis AI is being expanded, Dynatrace is also introducing an entirely new solution: Observability for Developers. More specifically, for cloud-native developers. According to Dynatrace, this crop of devs suffers from cluttered tooling in their environments. Other companies have drawn similar conclusions, leading to a proliferation of solutions for measuring Kubernetes costs, tracking vulnerabilities, and monitoring API usage across clouds.
Consolidating all of this helps, just as ‘platformized’ security tools help restore clarity. That link between security and developers—on the face of it, a bit of an odd one as that’s not the developer’s job —has been made more often. In a recent conversation with Techzine, CTO Greifeneder explained that imposing security tasks on developers has been a “disaster for enterprises.” Instead of this ‘shift left’ mentality where responsibility is simply moved over to developers, it must be extended, he suggests. This can be summarized as ‘extend left’ and leaves security teams to complement developers, not pointing fingers whenever trouble arises.
The service package is extensive, with three key features highlighted by Dynatrace. First, there’s a feature set to make accessing and exploring data easier. Again, Davis AI plays a role by delivering useful insights about application performance, service health, end-user interactions, and a glimpse into both past and near-future states. According to Dynatrace, all of this should remain manageable through “intuitive dashboards” and “advanced logs.”
A second use case for Observability for Developers is troubleshooting. Here too, everything is “AI-driven” (when isn’t it these days?), with the end result being automatic root cause analysis. A service called Live Debugger does exactly what the name suggests, without requiring any reproduction or redeployment. Supposedly, this results in no performance loss.
Because developers are increasingly responsible for security—due to a shortage of personnel or budget cuts, as well as compliance requirements—they may as well handle as much as possible themselves. Observability teams and platform engineers can now roll out a self-service model for developers.
“Observability for Developers represents our commitment to empowering development teams with intelligent, context-aware solutions that allow them to innovate with speed and confidence,” Greifeneder notes. “We’re giving developers the ability to understand, troubleshoot, and optimize their applications with ease and precision. On top of this, we drive effective collaboration through AI-powered insights and automation to maximize productivity while providing leadership with improved evidence that their IT practices are safe, compliant, and adhere to company standards.”
CSPM on top of KSPM
Dynatrace already had a Kubernetes Security Posture Management solution (KSPM) in place, and is now adding a CSPM offering. For its CSPM solution, Davis AI and Dynatrace’s Grail data lakehouse come together to unify security and observability data. The aim is to glean insights from all “code, libraries, language runtimes, and container infrastructure,” as the company puts it. If you’re already running CSPM tools on AWS, Azure, or GCP, you can integrate Dynatrace’s solution with them—or replace your existing one with it.
Dynatrace’s CSPM solution provides the same simplification and centralization that characterize the components discussed above. Consequently, the new offering is described as an addition to the Application Security and Threat Observability tools the company already provides. Organizations already using these solutions can consolidate their vendor landscape even further. In short, Dynatrace is building one large, cohesive platform—tellingly also the name of the event where these announcements were made.
“Modern enterprises need security solutions that can protect their entire technolostack, from cloud infrastructure to running applications,” says Steve Tack, CPO at Dynatrace. “With our bundled solution, organizations achieve a single-platform approach that delivers continuous security insights, AI-ranked risk analysis and automated remediation that can remove blind spots, automate compliance with technical standards and significantly reduce complexity.”
Also read: Dynatrace widens lens on data observability