This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Application Security capabilities support

The following application security capabilities are supported in the .NET library, for the specified tracer version:

Application Security capabilityMinimum .NET tracer version
Threat Detection2.23.0
Threat Protection2.26.0
Customize response to blocked requests2.27.0
Software Composition Analysis (SCA)2.16.0
Code Security2.42.0
Automatic user activity event tracking2.32.0
API Security2.42.0

The minimum tracer version to get all supported application security capabilities for .NET is 2.42.0.

Note: Threat Protection requires enabling Remote Configuration, which is included in the listed minimum tracer version.

Supported deployment types

TypeThreat Detection supportSoftware Composition Analysis
Docker
Kubernetes
Amazon ECS
AWS Fargate
AWS Lambda
Azure App Service

Note: Azure App Service is supported for web applications only. Application Security capabilities are not supported for Azure Functions.

Language and framework compatibility

Supported .NET versions

.NET Framework VersionMicrosoft End of LifeSupport levelPackage version
4.8.1GAlatest
4.8GAlatest
4.7.2GAlatest
4.7.1GAlatest
4.7GAlatest
4.6.201/12/2027GAlatest
4.6.104/26/2022GAlatest
.NET Core VersionMicrosoft End of LifeSupport levelPackage version
904/12/2026GAlatest
811/10/2026GAlatest
704/14/2024GAlatest
611/12/2024GAlatest
504/10/2022GAlatest
3.112/13/2022GAlatest
3.003/03/2020GAlatest
2.223/10/2019GAlatest
2.108/21/2021GAlatest

These are supported on the following architectures:

  • Linux (GNU) x64, ARM64 - (.Net Core)
  • Alpine Linux (musl) x64, ARM64 - (.Net Core)
  • macOS (Darwin) x64, ARM64 - (.Net Core)
  • Windows (msvc) x86, x86-64 - (.Net Core and .Net Framework)

Web framework compatibility

  • Attacker source HTTP request details
  • Tags for the HTTP request (status code, method, etc)
  • Distributed Tracing to see attack flows through your applications
Application Security Capability Notes
  • Software Composition Analysis is supported on all frameworks.
  • If your framework is not listed below, Code Security will still detect Insecure Cookie vulnerabilities.
FrameworkThreat Detection supported?Threat Protection supported?Code Security?
ASP.NET MVC
ASP.NET Web API 2
If you don't see your framework of choice listed, let us know! Fill out this short form to send details.

Data store compatibility

Datastore tracing provides:

  • SQL attack detection
  • query info (for example, a sanitized query string)
  • error and stacktrace capturing
Application Security Capability Notes
  • Threat Protection also works at the HTTP request (input) layer, and so works for all databases by default, even those not listed in the table below.
FrameworkThreat Detection supported?Threat Protection supported?Code Security?
OracleDB
ADO.NET
SQL Server
MySQL
SQLite

User Authentication Frameworks compatibility

Integrations to User Authentication Frameworks provides:

  • User login events including the user IDs
  • User signup events (apps using built-in SignInManager)
  • Account Takeover detection monitoring for user login events
Framework
> .Net Core 2.1