.NET Compatibility Requirements
Code Security capabilities support
The following code security capabilities are supported in the .NET library, for the specified tracer version:
| Code Security capability | Minimum .NET tracer version |
|---|
| Runtime Software Composition Analysis (SCA) | 2.16.0 |
| Runtime Code Analysis (IAST) | 2.42.0 |
The minimum tracer version to get all supported application security capabilities for .NET is 2.42.0.
Supported deployment types
| Type | Runtime Software Composition Analysis (SCA) | Runtime Code Analysis (IAST) |
|---|
| Docker | | |
| Kubernetes | | |
| Amazon ECS | | |
| AWS Fargate | | Preview (1.15.0) |
| AWS Lambda | | |
| Azure App Service | | |
Note: Azure App Service is supported for web applications only. Code Security capabilities are not supported for Azure Functions.
Language and framework compatibility
Supported .NET versions
For a list of supported platforms and operating systems, see .NET Framework Compatibility and .NET/.NET Core Compatiblity.
Web framework compatibility
- Tags for the HTTP request (status code, method, etc)
- Distributed Tracing to see attack flows through your applications
Code Security Capability Notes
- Runtime Software Composition Analysis (SCA) is supported on all frameworks.
- If your framework is not listed below, Runtime Code Analysis (IAST) will still detect Insecure Cookie vulnerabilities.
| Framework | Runtime Code Analysis (IAST) |
|---|
| ASP.NET MVC | |
| ASP.NET Web API 2 | |
Data store compatibility
Datastore tracing provides:
- query info (for example, a sanitized query string)
- error and stacktrace capturing
Code Security Capability Notes
- Runtime Software Composition Analysis (SCA) is supported on all frameworks.
| Framework | Runtime Code Analysis (IAST) |
|---|
| OracleDB | |
| ADO.NET | |
| SQL Server | |
| MySQL | |
| SQLite | |
