Datadog Security

Overview

Bring speed and scale to your production security operations. Datadog Security delivers real-time threat detection, and continuous configuration audits across applications, hosts, containers, and cloud infrastructure. Coupled with the greater Datadog observability platform, Datadog Security brings unprecedented integration between security and operations aligned to your organizations shared goals.

Datadog Security includes Application Security Management, Cloud SIEM, Cloud Security Posture Management (CSPM), and Cloud Workload Security (CWS).

Check out the 30-second Product Guided Tour to see more.

Application Security Management

Application Security Management (ASM) provides observability into application-level attacks that aim to exploit code-level vulnerabilities, such as Server-Side-Request-Forgery (SSRF), SQL injection, Log4Shell, and Reflected Cross-Site-Scripting (XSS). ASM leverages Datadog APM, the Datadog Agent, and in-app detection rules to detect threats in your application environment. Check out the product Guided Tour to see more.

Cloud SIEM

Cloud SIEM (Security Information and Event Management) detects real-time threats to your application and infrastructure, like a targeted attack, an IP communicating with your systems which matches a threat intel list, or an insecure configuration. Cloud SIEM is powered by Datadog Log Management. With these areas combined, you can automate remediation of threats detected by Datadog Cloud SIEM to speed up your threat-response workflow. Check out the dedicated Guided Tour to see more.

Cloud Security Posture Management

Cloud Security Posture Management (CSPM) tracks the security hygiene and compliance posture of your production environment, can automate audit evidence collection, and catch misconfigurations that leave your organization vulnerable to attacks. See security posture scores across your infrastructure and trace each score back to the applicable benchmark or framework criteria. Check out the dedicated Guided Tour to see more.

Cloud Workload Security

Cloud Workload Security (CWS) monitors file and process activity across your environment to detect threats to your infrastructure, like AWS EC2 instances, and workloads, like Kubernetes clusters, in real time at the kernel level. Cloud Workload Security uses the unified Datadog Agent, so if you’re already using Datadog to monitor your environment, there’s no need to provision additional resources. Check out the dedicated Guided Tour to see more.

To get started with Datadog Security, navigate to the Setup & Configuration section in the Datadog app, which has detailed information for single or multi-configuration, or follow the getting started sections below to learn more about each area of the platform.

Further Reading

Documentation, liens et articles supplémentaires utiles:

Check out the latest Datadog Security releases! (App login required).RELEASE NOTES See a Product Guided TourGUIDED TOUR Begin detecting threats with Cloud SIEMDOCUMENTATION Start tracking misconfigurations with Cloud Security Posture ManagementDOCUMENTATION Uncover kernel-level threats with Cloud Workload SecurityDOCUMENTATION Read about security-related topics on Datadog's Security Labs blogSECURITY LABS Join an interactive session to elevate your security and threat detectionFOUNDATION ENABLEMENT Elevate AWS threat detection with Stratus Red TeamBLOG Best practices for securing Kubernetes applicationsBLOG Best practices for network perimeter security in cloud-native environmentsBLOG Best practices for data security in cloud-native infrastructureBLOG