Each OOTB rule maps to one or more controls within a compliance standard or industry benchmark. Datadog OOTB rules currently map to controls and requirements for the following frameworks and benchmarks:
*To pass the Monitoring Section of the CIS AWS Foundations benchmark, you must enable Cloud SIEM and forward CloudTrail logs to Datadog.
**Some CIS Kubernetes Benchmark detection rules only apply to self-hosted Kubernetes clusters.
Note: Datadog CSPM provides you with visibility into whether your resources are configured in accordance with certain detection rules. Datadog’s OOTB detection rules address various regulatory frameworks, benchmarks, and standards (“Security Posture Frameworks”). Datadog CSPM does not provide an assessment of your actual compliance with any Security Posture Framework, and the OOTB rules may not address all configuration settings that are relevant to the Security Posture Frameworks. To be clear, just because your resources pass the OOTB Rules does not mean that you are meeting all the requirements under any particular Security Posture Framework. Datadog is not providing legal or compliance advice or guidance, and it is recommended that you use Datadog CSPM in consultation with your legal counsel or compliance experts.
On the Rules page, hover over a rule and click the pencil icon to edit the rule. Under Define search queries, click the Advanced dropdown menu to set filtering logic for how the rule scans your environment.
For example, you can remove all resources tagged with env:staging using the Never trigger a signal when function. Or, limit the scope for a certain rule to resources tagged with compliance:pci using the Only trigger a signal when function.
From the Rules page, you can add notification targets. The complete list of notification options is:
Set the severity of security posture signals. The dropdown allows you to select an appropriate severity level (INFO, LOW, MEDIUM, HIGH, CRITICAL). In the “Notify” section, configure zero or more notification targets for each rule case.