Application Security capabilities support

The following application security capabilities are supported in the Python library, for the specified tracer version:

Application Security capabilityMinimum Python tracer version
Threat Detection1.9.0
Threat Protection1.10.0
Customize response to blocked requests1.19.0
Software Composition Analysis (SCA)1.5.0
Code Securityprivate beta
Automatic user activity event tracking1.17.0
API Security2.6.0

Note: Threat Protection requires enabling Remote Configuration, which is included in the listed minimum tracer version.

Supported deployment types

TypeThreat Detection supportSoftware Composition Analysis
Docker
Kubernetes
Amazon ECS
AWS Fargate
AWS Lambda

Language and framework compatibility

Supported Python versions

The Python Application Security Client library follows a versioning policy that specifies the support level for the different versions of the library and Python runtime.

Two release branches are supported:

ReleaseSupport level
<1Maintenance
>=1.0,<2General Availability

And the library supports the following runtimes:

OSCPURuntimeRuntime versionSupport ddtrace versions
Linuxx86-64, i686, AArch64CPython2.7, 3.5-3.11<2
MacOSIntel, Apple SiliconCPython2.7, 3.5-3.11<2
Windows64bit, 32bitCPython2.7, 3.5-3.11<2

Web framework compatibility

  • Attacker source HTTP request details
  • Tags for the HTTP request (status code, method, etc)
  • Distributed Tracing to see attack flows through your applications
Application Security Capability Notes
  • Software Composition Analysis is supported on all frameworks

Supported frameworks

FrameworkVersionsThreat Detection supported?Threat Protection supported?
Django1.8
Flask0.10

Support for query strings is not available for Flask.

If you don't see your framework of choice listed, let us know! Fill out this short form to send details.

Data store compatibility

Datastore tracing provides:

  • timing request to response
  • query info (for example, a sanitized query string)
  • error and stacktrace capturing
Application Security Capability Notes
  • Software Composition Analysis is supported on all frameworks.
  • Threat Protection also works at the HTTP request (input) layer, and so works for all databases by default, even those not listed in the table below.

The Python library supports the database API specifications and supports all generic SQL databases. This includes databases such as SQLite, Mysql, Postgres and MariaDB.

User Authentication Frameworks compatibility

Integrations to User Authentication Frameworks provide:

  • User login events, including the user IDs
  • Account Takeover detection monitoring for user login events
FrameworkFramework Versions
Django1.11, 2.2, 3.2, >= 4.0
PREVIEWING: may/unit-testing