Getting Started with Cloud Security Management

Overview

Datadog Cloud Security Management (CSM) delivers real-time threat detection and continuous configuration audits across your entire cloud infrastructure. Powered by observability data, CSM includes Cloud Security Posture Management (CSPM) and Cloud Workload Security (CWS).

This guide walks you through best practices for getting your team up and running with CSM.

Phase 1: Deployment

  1. Install the Datadog Agent (version 7.40 or above).
  2. Enable CSM for for your cloud resources and infrastructure:
  3. Check out the CSM homepage to get an overview of your organization’s risks and threats.
  4. Review 500+ out-of-the-box CWS and CSPM detection rules.
  5. Explore security signals and review CSPM findings.
  6. Set up notification rules and receive alerts using Slack, Jira, email, and more.

Phase 2: Customization

  1. Set up CWS suppression rules to reduce noise.
  2. Create custom detection rules for CSPM and CWS.

Phase 3: Reports and dashboards

  1. Assess your organization’s posture by reviewing compliance reports.
  2. Use out-of-the-box dashboards or create your own for faster investigations, reporting, and monitoring.

Further reading

Additional helpful documentation, links, and articles:

Cloud Security ManagementDOCUMENTATION more more CSPM cloud resources schemaDOCUMENTATION more more Automate end-to-end processes with Datadog WorkflowsBLOG more more Security research, reports, tips, and videos from DatadogSECURITY LABS more more