Google Cloud Service Extensions
Datadog App & API Protection provides defense-in-depth security by monitoring both the Google Cloud Load Balancer and backend services, detecting and alerting on actual exploits and attacks.
App & API Protection provides detailed Security Signals that show attack details, correlated trace spans, and response actions like IP blocking at the load balancer level.
Datadog App & API Protection provides edge-level visibility into attack attempts, showing how malicious requests are detected and blocked at the Google Cloud Load Balancer before they can reach your backend services.
Overview
Datadog App & API Protection extends visibility and inline threat mitigation to your Google Cloud Load Balancers using Google Cloud Service Extensions.
With this integration, you can detect and block attacks—such as API abuse, business logic exploitation, and code-layer threats—right at the edge of your cloud infrastructure.
This integration provides:
- Inline threat detection and blocking at the load balancer using Datadog Security Signals
- Real-time insights into application-layer attacks
- Edge enforcement against OWASP API threats, credential stuffing, injection attacks, etc.
Setup
Installation
See Enabling App & API Protection for GCP Service Extensions for installation instructions.
Validation
To validate the installation of this integration, send known attack patterns to your load balancer. For example, you can trigger the Security Scanner Detected rule by running the following curl script:
for ((i=1;i<=250;i++));
do
# Target existing service's routes
curl https://your-load-balancer-url/existing-route -A dd-test-scanner-log;
# Target non existing service's routes
curl https://your-load-balancer-url/non-existing-route -A dd-test-scanner-log;
done
A few minutes after you enable the service extension and send known attack patterns, threat information appears in the Application Signals Explorer.
Troubleshooting
Need help? Contact Datadog Support.