Datadog Application Security Management (ASM) helps secure your web applications and APIs in production. ASM provides visibility into application-level vulnerabilities in your services, and protects in real-time from attacks and attackers that aim to exploit these vulnerabilities.
This guide walks you through best practices for getting your team up and running with ASM.
Identify services that have security risk
Identify services vulnerable or exposed to attacks that would benefit from ASM. Navigate to the ASM Setup page and select the services recommended there.
These security insights are detected from data reported by APM. The insights help prioritize your security efforts. ASM identifies, prioritizes, and helps remediate all security risks on your services.
Note: If no vulnerabilities or suspicious requests are reported, ensure your services are using a recent Datadog tracing library version. From the APM Service Catalog, open any service’s side panel and look at its Tracing Configuration.
Enable ASM
Enable ASM with in-app instructions
Go to the ASM Setup page and follow the instructions to get started. This includes:
Guided selection of services that would benefit from ASM.
Configuring your Datadog tracing libraries with an environment variable.
Set up notification rules to receive alerts using Slack, Jira, email, and more.
Subscribe to the weekly threat digest reports to begin investigation and remediation of the most important security threats discovered in the last seven days.