Dynatrace acquires Runecast, a new vector in cloud-native context-rich security


Bidding to validate its claim as the leader in unified observability and security, Dynatrace started its annual user, practitioner & partner convention this year with a ‘day zero’ style announcement that preceded the main Dynatrace Perform event itself.

Before the observability cognoscenti had barely gotten their hands on their lanyards and customary water bottle t-shirt combo giveaway, Dynatrace had detailed the signing of a definitive agreement to acquire Runecast, a provider of AI-powered security and compliance solutions. 

Contextual protection

Adding Runecast to the Dynatrace platform is promised to extend Dynatrace’s approach to ‘contextual security protection and analytics’ with Runecast security posture management. This coming together is now designed to enable organizations to address the risks of misconfigurations and compliance violations in hybrid and multi-cloud ecosystems.

But now – and here’s the difference that comes as part of the current AI revolution… that de-risking process can be executed proactively, based on AI-driven, automated, real-time vulnerability assessments. 

Additionally, it will allow customers to perform threat detection and incident response with full context detailing their security vulnerabilities, affected applications, risk levels and attack vectors.

A context-rich approach

Cloud-native technologies have of course revolutionised business, but they have also made security more complex. Dynatrace tells us that business faces challenges integrating existing security analytics tools and eliminating security gaps in applications. They need a unified, context-rich approach for observability, security and compliance to safeguard workloads and applications throughout the software delivery lifecycle. 

“By adding Runecast, Dynatrace will expand its platform’s cloud-native application security protection capabilities and help customers achieve these goals. Security posture management is a well-known and vital market, because every organization needs it and has prioritized it in their technology investments for improved security,” said Bernd Greifeneder, CTO at Dynatrace. 

Greifeneder says he believes Dynatrace ‘is differentiated in the market’ as the only platform leveraging contextual observability and security analytics for cloud-native applications to provide end-to-end protection, detection and response. 

“Dynatrace enables users to not only identify and analyze vulnerabilities and threats automatically but also to measure and improve risk exposure and compliance status and perform advanced security analytics and automation. Runecast’s technology will enhance this advantage, elevating our runtime vulnerability analytics and protection and helping our customers to keep their clouds audit ready all the time. We look forward to welcoming Runecast to the platform and the team to Dynatrace,” added Greifeneder.

Real-time, automated, actionable insights

Stanimir Markov, CEO at Runecast echoes Greifeneder words and underlines the promise that Runecast aims to provide organizations with real-time, automated and actionable insights for security compliance, vulnerability assessment, plus also configuration management of their hybrid and multi-cloud environments.

Markov comments, “We are excited to join Dynatrace, the leader in observability and application security, to deliver a comprehensive Cloud-Native Application Protection Platform (CNAPP) that addresses two critical questions for our customers: ‘How secure are we?’ and ‘How compliant are we?’”

Dynatrace plans to provide a seamless experience for customers by embedding Runecast into its unified observability and security platform. Closing of the proposed transaction is subject to customary closing conditions and is expected to occur later in Dynatrace’s fourth quarter, which ends on March 31, 2024.