The feed is built on multiple reputable sources, including OSV.dev, GitHub, the National Vulnerability Database (NVD), and vendor advisories.

Dynatrace's platform is a central hub for IT professionals and DevOps teams, offering insights into application performance monitoring, cloud observability, and digital experience management. Through articles, case studies, and industry reports, Dynatrace offers insights into monitoring distributed systems, detecting performance bottlenecks, and optimizing application performance. Readers can learn about end-to-end visibility, AI-driven analytics, and automation solutions to deliver superior digital experiences for users.

Dynatrace

Dynatrace is launching its own first-party vulnerability feed to replace external sources, built on OSV.dev, GitHub, NVD, and vendor advisories. The new feed promises more accurate, timely, and threat-aware vulnerability intelligence with full parity for critical/high-severity vulnerabilities and 90%+ coverage for medium/low-severity issues. Available automatically in SaaS version 1.334 (March 2026) and requiring manual update for Managed deployments by April 2027. Existing vulnerabilities will retain CVE numbers but receive new Dynatrace Vulnerability IDs, while non-CVE vulnerabilities from the old feed will be marked as resolved.

Introducing the Dynatrace vulnerability feed: Accurate, transparent, and threat-aware

A first-party vulnerability feed: Agile, precise, and focused on real customer risk

Coverage and parity with the previous vulnerability feed

What changes for existing vulnerabilities?

Availability for SaaS vs. Managed: What You Need to Do