--- title: Manage App and API Protection Posture Across Development Teams description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: >- Docs > Internal Developer Portal > Use Cases > Manage App and API Protection Posture Across Development Teams --- # Manage App and API Protection Posture Across Development Teams {% callout %} # Important note for users on the following Datadog sites: app.ddog-gov.com {% alert level="danger" %} This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site.md). (). {% /alert %} {% /callout %} The Software Catalog enables organizations to seamlessly incorporate security into every development stage, ensuring a strong security posture across teams, applications, and systems. Software Catalog surfaces and centralizes security signals, enabling developers to prioritize actions and address vulnerabilities promptly. Meanwhile, managers can oversee risks, drive improvements, and ensure organizational compliance. {% image source="https://docs.dd-static.net/images/tracing/software_catalog/appsec-use-case.a0397a2cc1c01000d21632fd168d16d9.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/tracing/software_catalog/appsec-use-case.a0397a2cc1c01000d21632fd168d16d9.png?auto=format&fit=max&w=850&dpr=2 2x" alt="The Security tab of the Software Catalog, showing vulnerability risk, attack exposure, and coverage for each service." /%} ## Build secure applications by design{% #build-secure-applications-by-design %} Software Catalog provides default paths and guardrails to helps teams create, assess, and improve secure processes. Developers can [scaffold new services](https://app.datadoghq.com/app-builder/apps/edit?activeTab=data&showActionCatalog=false&template=scaffolding&viewMode=edit&visibleDataItemId=triggerScaffoldNewServiceWorkflow-action) or integrate cloud resources confidently, assured that security standards are enforced at every step. For services instrumented with APM, APM Security Views automatically detect services vulnerable to application attacks, such as SQL injections, SSRF, or Log4Shell attacks. You can use APM Security Views to investigate each service and type of attack your organization encounters, understand the associated security risks, and effectively manage your application attack surface with runtime context. ## Track third-party software and dependencies{% #track-third-party-software-and-dependencies %} Software Catalog organizes and highlights third-party dependencies, ranging from open-source libraries to programming languages. Teams can monitor versions, launch upgrades, and proactively address vulnerabilities. - DevSecOps: Use Software Catalog to track dependencies and spearhead upgrade initiatives. - Managers: Access real-time reports on upgrade progress and compliance. - Developers: Incorporate dependency updates into daily workflows with minimal disruption. ## Configuration details{% #configuration-details %} 1. Click a service in Software Catalog to open the service side panel. 1. Select the **Performance** tab at the top of the panel. 1. Find the **Libraries** sub-tab, which lists all external libraries used and their versions. {% image source="https://docs.dd-static.net/images/tracing/software_catalog/appsec-use-case-libraries.9780f6430b0440b4dc68bfdd137a8f6a.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/tracing/software_catalog/appsec-use-case-libraries.9780f6430b0440b4dc68bfdd137a8f6a.png?auto=format&fit=max&w=850&dpr=2 2x" alt="The Security tab of the Software Catalog, showing vulnerability risk, attack exposure, and coverage for each service." /%} ## Further reading{% #further-reading %} - [Datadog App and API Protection](https://docs.datadoghq.com/security/application_security.md) - [Gain visibility into risks, vulnerabilities, and attacks with APM Security View](https://www.datadoghq.com/blog/apm-security-view/)