Skip to content

Support Policy - experiment, share feedback, and help shape the future

This repository is part of an enablement project created by the Center of Excellence at Dynatrace. Our mission is to empower you to explore and adopt these resources to accelerate innovation. Support is community-driven and provided exclusively via GitHub Issues.

We will make every effort to assist and address reported problems, but please note:

  • The materials are provided β€œas-is”, without any warranties or guarantees.
  • Use of this technology is at your own discretion and risk.

We encourage you to experiment, share feedback, and help shape the future. Start building today!

MCP-Powered Security Analysis with Unguard#

Welcome to this hands-on tutorial where you'll learn how to leverage the Model Context Protocol (MCP) with AI agents to analyze, detect, and remediate security vulnerabilities in a real-world application.

🎯 What You'll Learn#

In this tutorial, you'll discover how to:

  • Connect to MCP Servers and interact with AI agents through the Model Context Protocol
  • Analyze vulnerable code in the Unguard application using AI-powered code analysis
  • Query Dynatrace insights to correlate code vulnerabilities with runtime security findings
  • Interact with Davis CoPilot for intelligent security recommendations
  • Automatically remediate vulnerabilities with AI-assisted code fixes
  • Access observability data including logs, metrics, traces, and security events

πŸ” About Unguard#

Unguard is an intentionally insecure cloud-native microservices application designed for security training and testing. It consists of eight microservices written in different languages (Java, .NET, Python, Node.js, PHP, Go, Next.js) and encompasses real-world vulnerabilities including:

  • Server-Side Request Forgery (SSRF)
  • SQL Injection
  • Command Injection
  • JWT Key Confusion
  • Remote Code Execution (RCE)
  • And many more security flaws

This makes it the perfect environment to learn how AI agents can help identify and fix security issues in production-like code.

πŸ€– The Power of MCP#

The Model Context Protocol enables AI agents to:

  • Access and analyze your codebase directly
  • Connect to Dynatrace monitoring data in real-time
  • Execute queries across logs, metrics, and security findings
  • Provide actionable recommendations based on both code and runtime context
  • Automate vulnerability remediation with precision

AI-Powered Code Analysis

πŸš€ What You'll Do#

Throughout this tutorial, you will:

  1. Connect to the MCP server using your credentials
  2. Interact with the AI agent to explore the Unguard application
  3. Identify security vulnerabilities in the code
  4. Correlate code issues with runtime security findings from Dynatrace
  5. Use the agent to automatically fix vulnerabilities
  6. Generate executive summaries of security remediations

Ready to Start?

Let's begin by checking the prerequisites and connecting to the MCP server!