Getting Started with Cloud Security Management

Overview

Datadog Cloud Security Management (CSM) delivers deep visibility, continuous configuration audits, identity risk assessments, vulnerability detection, and real-time threat detection across your entire cloud infrastructure—all in a unified platform for seamless collaboration and faster remediation.

With CSM, Security and DevOps teams can act on the shared context of observability and security data to quickly prioritize and remediate issues. This guide walks you through best practices for getting your team up and running with CSM.

Phase 1: Deployment

  1. Using Agentless and/or the Datadog Agent (version 7.46 or above), enable CSM for your cloud resources and infrastructure:
    • Threats: Kubernetes, Docker, and host-based installations.
    • Misconfigurations: AWS, Azure, GCP, Kubernetes, and Docker instructions.
    • Identity Risks: Enable AWS resource collection and CloudTrail log forwarding.
    • Vulnerabilities: Container image scanning and host scanning instructions for AWS, Azure, Kubernetes, ECS EC2 instances, and host-based installations.
  2. Check out the CSM homepage to get an overview of your organization’s risks and threats.
  3. Review 500+ out-of-the-box Threats and Misconfigurations detection rules.
  4. Explore security signals and review CSM Misconfigurations findings.
  5. Review and remediate identity risks on the Identity Risks page.
  6. Review container vulnerabilities on the Container Images page, and a consolidated list of vulnerabilities on the Infrastructure Vulnerability page.
  7. Set up notification rules and receive alerts using Slack, Jira, email, and more.

Phase 2: Customization

  1. Set up CSM Threats suppression rules to reduce noise.
  2. Create custom detection rules for CSM Misconfigurations and CSM Threats.

Phase 3: Reports and dashboards

  1. Assess your organization’s posture by reviewing compliance reports.
  2. Use out-of-the-box dashboards or create your own for faster investigations, reporting, and monitoring.
  3. Subscribe to the weekly security digest reports to begin investigation and remediation of the most important new security issues discovered in the last seven days.

Disable CSM

For information on disabling CSM, see the following:
