Java Compatibility Requirements

ASM capabilities

The following ASM capabilities are supported in the Java library, for the specified tracer version:

The minimum tracer version to get all supported ASM capabilities for Java is 1.15.0.

Note: Threat Protection requires enabling Remote Configuration, which is included in the listed minimum tracer version.

Supported deployment types

Note: Azure App Service is supported for web applications only. ASM doesn’t support Azure Functions.

Language and framework compatibility

Supported Java versions

The Java Tracer supports automatic instrumentation for the following Oracle JDK and OpenJDK JVM runtimes.

Datadog does not officially support any early-access versions of Java.

Web framework compatibility

• Attacker source HTTP request details
• Tags for the HTTP request (status code, method, etc)
• Distributed Tracing to see attack flows through your applications

ASM Capability Notes

• Vulnerability Management for OSS is supported on all frameworks
• If Vulnerability Management for Code-level does not support your framework, it will still detect Weak Cipher, Weak Hashing, Insecure Cookie, Cookie without HttpOnly Flag, and Cookie without SameSite Flag vulnerabilities.

Note: Many application servers are Servlet compatible and are automatically covered by that instrumentation, such as Websphere, Weblogic, and JBoss. Also, frameworks like Spring Boot (version 3) inherently work because they usually use a supported embedded application server, such as Tomcat, Jetty, or Netty.

Networking framework compatibility

dd-java-agent includes support for automatically tracing the following networking frameworks.

Networking tracing provides:

• Distributed tracing through your applications
• Request-based blocking

ASM Capability Notes

• Vulnerability Management for OSS is supported on all frameworks
• If Vulnerability Management for Code-level does not support your framework, it will still detect Weak Cipher, Weak Hashing, Insecure Cookie, Cookie without HttpOnly Flag, and Cookie without SameSite Flag vulnerabilities.

Data store compatibility

dd-java-agent includes support for automatically tracing the following database frameworks/drivers.

Datastore tracing provides:

• Timing request to response
• Query info (for example, a sanitized query string)
• Error and stacktrace capturing

ASM Capability Notes

• Vulnerability Management for OSS is supported on all frameworks
• Threat Protection also works at the HTTP request (input) layer, and so works for all databases by default, even those not listed in the table below.
• If your framework is not supported below, Vulnerability Management for Code-level won’t detect SQL Injection vulnerabilities, but will still detect the rest of vulnerability types listed here.

dd-java-agent is also compatible with common JDBC drivers for Threat Detection, such as:

• Apache Derby
• Firebird SQL
• H2 Database Engine
• HSQLDB
• IBM DB2
• MariaDB
• MSSQL (Microsoft SQL Server)
• MySQL
• Oracle
• Postgres SQL
• ScalikeJDBC

User Authentication Frameworks compatibility

Integrations to User Authentication Frameworks provide:

• User login events, including the user IDs
• Account Takeover detection monitoring for user login events