- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
You can monitor application security for Ruby apps running in Docker, Kubernetes, Amazon ECS, and AWS Fargate.
DD_APPSEC_ENABLED=true
또는 --enable-appsec
플래그를 사용하여 서비스를 다시 시작할 필요가 없습니다.Update your Gemfile to include the Datadog library:
gem 'datadog', '~> 2.0' # Use 'ddtrace' if you're using v1.x
To check that your service’s language and framework versions are supported for ASM capabilities, see Compatibility.
For more information about upgrading to v2 from a dd-trace
1.x version, see the Ruby tracer upgrade guide.
Enable ASM by enabling the APM tracer. The following options describe a quick setup that covers the most common cases. Read the Ruby tracer documentation for more details.
You can enable ASM either in your code:
Enable the APM tracer by adding an initializer in your application code:
# config/initializers/datadog.rb
require 'datadog/appsec'
Datadog.configure do |c|
# enable the APM tracer
c.tracing.instrument :rails
# enable ASM
c.appsec.enabled = true
c.appsec.instrument :rails
end
Or enable the APM tracer through auto-instrumentation by updating your Gemfile to auto-instrument:
gem 'datadog', '~> 2.0', require: 'datadog/auto_instrument'
And also enable appsec
:
# config/initializers/datadog.rb
require 'datadog/appsec'
Datadog.configure do |c|
# the APM tracer is enabled by auto-instrumentation
# enable ASM
c.appsec.enabled = true
c.appsec.instrument :rails
end
Enable the APM tracer by adding the following to your application’s startup:
require 'sinatra'
require 'datadog'
require 'datadog/appsec'
Datadog.configure do |c|
# enable the APM tracer
c.tracing.instrument :sinatra
# enable ASM for Sinatra
c.appsec.enabled = true
c.appsec.instrument :sinatra
end
Or enable the APM tracer through auto-instrumentation:
require 'sinatra'
require 'datadog/auto_instrument'
Datadog.configure do |c|
# the APM tracer is enabled by auto-instrumentation
# enable ASM for Sinatra
c.appsec.enabled = true
c.appsec.instrument :sinatra
end
Enable the APM tracer by adding the following to your config.ru
file:
require 'datadog'
require 'datadog/appsec'
Datadog.configure do |c|
# enable the APM tracer
c.tracing.instrument :rack
# enable ASM for Rack
c.appsec.enabled = true
c.appsec.instrument :rack
end
use Datadog::Tracing::Contrib::Rack::TraceMiddleware
use Datadog::AppSec::Contrib::Rack::RequestMiddleware
Or one of the following methods, depending on where your application runs:
Update your configuration container for APM by adding the following argument in your docker run
command:
docker run [...] -e DD_APPSEC_ENABLED=true [...]
Add the following environment variable value to your container Dockerfile:
ENV DD_APPSEC_ENABLED=true
Update your configuration yaml file container for APM and add the AppSec env variable:
spec:
template:
spec:
containers:
- name: <CONTAINER_NAME>
image: <CONTAINER_IMAGE>/<TAG>
env:
- name: DD_APPSEC_ENABLED
value: "true"
Update your ECS task definition JSON file, by adding this in the environment section:
"environment": [
...,
{
"name": "DD_APPSEC_ENABLED",
"value": "true"
}
]
Initialize ASM in your code or set DD_APPSEC_ENABLED
environment variable to true in your service invocation:
env DD_APPSEC_ENABLED=true rails server
라이브러리가 애플리케이션에서 보안 데이터를 수집해 에이전트로 전송하고, 이 데이터는 다시 Datadog로 전송됩니다. 그러면 기본 감지 규칙에 의해 공격자 기술과 잠재 구성 오류가 플래그되어 문제 해결을 위한 단계를 밟을 수 있습니다.
애플리케이션 보안 관리에서 감지 활동을 잘 하고 있는지 확인하려면 알려진 공격 패턴을 애플리케이션으로 보내세요. 예를 들어 다음 curl 스크립트가 포함된 파일을 실행해 보안 스캐너 감지됨 규칙을 트리거할 수 있습니다.
for ((i=1;i<=250;i++));
do
# Target existing service’s routes
curl https://your-application-url/existing-route -A dd-test-scanner-log;
# Target non existing service’s routes
curl https://your-application-url/non-existing-route -A dd-test-scanner-log;
done
참고: dd-test-scanner-log
값은 최신 릴리스에서 지원됩니다.
애플리케이션을 활성화하고 실행한 몇 분 후 Datadog의 Application Trance and Signals Explorer에 위협 정보가 표시됩니다.