Introducing the Dynatrace vulnerability feed: Accurate, transparent, and threat-aware

Trusted vulnerability data empowers teams to make faster and clearer security decisions. That's why we're elevating the Dynatrace Vulnerabilities app with the Dynatrace vulnerability feed: a new, first-party source of vulnerability intelligence that's more accurate, transparent, and threat-aware, helping maintain strong coverage of critical risks. With curated inputs, stronger sourcing, and deeper integration across the Dynatrace platform, teams can prioritize what matters most-and act with confidence.

A first-party vulnerability feed: Agile, precise, and focused on real customer risk

We recognize how quickly noise and alert fatigue can slow vulnerability management. When teams face a high volume of security findings, they require accurate, timely, and reliable threat intelligence to address potential breaches and optimize remediation time, resources, and costs. That's why Dynatrace is upgrading the Vulnerabilities app to use its own first-party vulnerability feed-a new, internally curated source of vulnerability data that replaces the previously used external feed. It delivers more accurate, timely, transparent, and threat-aware vulnerability information, tightly integrated with innovations from Dynatrace security researchers, already recognized through a European patent.

The Dynatrace vulnerability feed is built on multiple reputable sources, including OSV.dev, GitHub, the National Vulnerability Database (NVD), and vendor advisories, ensuring comprehensive coverage of vulnerabilities. These insights are further curated and enriched by Dynatrace's own findings and internal security research.

Key benefits for customers

The new Dynatrace vulnerability feed is included in the Vulnerabilities app at no additional cost and offers:

• Trustworthy, high-quality, curated vulnerability data

• Clearer and more consistent vulnerability descriptions and remediation guidance
• Strong coverage of critical and high-severity vulnerabilities
• Improved accuracy for certain findings compared to the previous feed
• Better long-term agility: Dynatrace owns and evolves the feed based on customer needs

• Deeper integration with the Dynatrace platform.

Coverage and parity with the previous vulnerability feed

The Dynatrace vulnerability feed provides full parity with the previously used feed for critical and high-severity vulnerabilities in customer environments. For medium- and low-severity vulnerabilities, we ensure over 90% coverage in customer environments compared to the previous feed, while also adding extra vulnerabilities that were not previously included. Certain medium- and low-criticality vulnerabilities, as well as those without a CVE number that exist solely in the previous feed, will be marked as deprecated (Figure 1).

We recognize that coverage is a key topic for organizations when it comes to vulnerabilities. The Dynatrace vulnerability feed is designed to be dynamic, keeping pace with the large volume of newly reported vulnerabilities. This agility ensures timely updates to meet customer-specific coverage needs, reducing blind spots and protecting against emerging threats. This flexibility is one of the key reasons we decided to introduce our own feed.

What changes for existing vulnerabilities?

From an access and viewing standpoint, nothing changes for existing vulnerabilities. You can continue accessing vulnerability insights from the existing Vulnerabilities app, ensuring a seamless experience with minimal disruption.

Existing vulnerabilities from our previous feed will retain their CVE numbers, but the IDs will be replaced with the Dynatrace Vulnerability IDs (Figure 2). Vulnerabilities from the previous feed without a CVE number will be automatically marked as resolved.

If your organization drives vulnerability remediation through an IT Service Management (ITSM) tool like ServiceNow, your existing tickets remain unchanged regarding CVEs and Dynatrace IDs. Tickets linked to vulnerabilities outside the Dynatrace vulnerability feed will still function, but when accessed, the vulnerabilities might be deprecated, have updated severity, or have an adjusted score.

Availability for SaaS vs. Managed: What You Need to Do

The Dynatrace vulnerability feed is available in all Dynatrace SaaS environments starting with version 1.334. If you're on Dynatrace SaaS, this change will happen automatically when version 1.334 is rolled out in March 2026.

If you're on Dynatrace Managed, an update to version 1.334 (or later) is required to use the Dynatrace vulnerability feed. Be sure to update to version 1.334 or later before April 1, 2027; otherwise, you'll no longer be able to analyze vulnerabilities.

Not a Dynatrace customer yet? Try the Dynatrace Vulnerabilities experience in our Playground and see how threat-aware, curated vulnerability intelligence helps you cut through noise and focus on real risk.