Dynatrace is adding integration with virtual registry and we wanted t… (#60600)

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>

Author: 3 people

content/code-security/how-tos/secure-your-supply-chain/establish-provenance-and-integrity/upload-linked-artifacts.md

@@ -14,7 +14,7 @@ category:
 The {% data variables.product.virtual_registry %} includes storage records and deployment records for artifacts that you build in your organization. Metadata for each artifact is provided by your organization using one of the following methods:
 
 * A workflow containing one of {% data variables.product.company_short %}'s actions for **artifact attestations**
-* An integration with the **JFrog Artifactory** or **Microsoft Defender for Cloud**
+* An integration with **Dynatrace**, **JFrog Artifactory**, or **{% data variables.product.prodname_microsoft_defender %}**
 * A custom script using the **artifact metadata REST API**
 
 The available methods depend on whether you are uploading a storage record or a deployment record. For more information about record types, see [AUTOTITLE](/code-security/concepts/supply-chain-security/linked-artifacts#which-metadata-is-included).
@@ -47,7 +47,20 @@ For artifacts that do not need to be attested and are not stored on JFrog, you c
 
 ## Uploading a deployment record
 
-If you store artifacts in **{% data variables.product.prodname_mdc_definition %}**, you can use an integration to automatically sync data to the {% data variables.product.virtual_registry %}. Otherwise, you must set up a custom integration with the **REST API**.
+If you monitor deployed workloads with Dynatrace or {% data variables.product.prodname_mdc_definition %}, you can use an integration to automatically sync deployment data to the {% data variables.product.virtual_registry %}. Otherwise, you must set up a custom integration with the REST API.
+
+### Using the Dynatrace integration
+
+You can configure Dynatrace to send deployment records to {% data variables.product.github %} for container images running in your Dynatrace-monitored Kubernetes environments. Dynatrace maps deployed images to your repositories, then reports runtime context.
+
+In addition, deployment records from Dynatrace can include runtime risk context, such as:
+
+* Public internet exposure
+* Sensitive data access
+
+You can use this context in organization-level alert filtering and in security campaigns to prioritize remediation for alerts that affect internet-exposed or sensitive-data workloads.
+
+For setup instructions, see [{% data variables.product.prodname_GHAS %} security integration - Get Started](https://docs.dynatrace.com/docs/secure/threat-observability/security-events-ingest/ingest-github-advanced-security#credentials--github-app-based-authentication) in the Dynatrace documentation.
 
 ### Using the Microsoft Defender for Cloud integration
 

content/code-security/tutorials/secure-your-organization/prioritize-alerts-in-production-code.md

@@ -1,7 +1,7 @@
 ---
 title: Prioritizing Dependabot and code scanning alerts using production context
 shortTitle: Prioritize alerts in production code
-intro: Focus remediation on real risk by targeting {% data variables.product.prodname_dependabot %} and {% data variables.product.prodname_code_scanning %} alerts in artifacts deployed to production, using metadata from external registries like JFrog Artifactory, your own CI/CD workflows, or from {% data variables.product.prodname_microsoft_defender %}.
+intro: Focus remediation on real risk by targeting {% data variables.product.prodname_dependabot %} and {% data variables.product.prodname_code_scanning %} alerts in artifacts deployed to production, using metadata from external systems and integrations like Dynatrace, JFrog Artifactory, {% data variables.product.prodname_microsoft_defender %}, or your own CI/CD workflows.
 versions:
   fpt: '*'
   ghec: '*'