Datadog Security

Overview

Bring speed and scale to your production security operations. Datadog Security delivers real-time threat detection, and continuous configuration audits across applications, hosts, containers, and cloud infrastructure. Coupled with the greater Datadog observability platform, Datadog Security brings unprecedented integration between security and operations aligned to your organizations shared goals.

Datadog Security includes Application Security Management, Cloud SIEM, and Cloud Security Management. To learn more, check out the 30-second Product Guided Tour.

Application Security Management

Application Security Management (ASM) provides observability into application-level attacks that aim to exploit code-level vulnerabilities, such as Server-Side-Request-Forgery (SSRF), SQL injection, Log4Shell, and Reflected Cross-Site-Scripting (XSS). ASM leverages Datadog APM, the Datadog Agent, and in-app detection rules to detect threats in your application environment. Check out the product Guided Tour to see more.

A security signal panel in Datadog, which displays attack flows and flame graphs

Cloud SIEM

Cloud SIEM (Security Information and Event Management) detects real-time threats to your application and infrastructure, like a targeted attack, an IP communicating with your systems which matches a threat intel list, or an insecure configuration. Cloud SIEM is powered by Datadog Log Management. With these areas combined, you can automate remediation of threats detected by Datadog Cloud SIEM to speed up your threat-response workflow. Check out the dedicated Guided Tour to see more.

The Cloud SIEM home page showing the Security Overview section with widgets for important signals, suspicious actors, impacted resources, threat intel, and signal trends

Cloud Security Management

Cloud Security Management (CSM) delivers real-time threat detection and continuous configuration audits across your entire cloud infrastructure, all in a unified view for seamless collaboration and faster remediation. Powered by observability data, security teams can determine the impact of a threat by tracing the full attack flow and identify the resource owner where a vulnerability was triggered.

CSM includes Threats, Misconfigurations, Identity Risks, and Vulnerabilities. To learn more, check out the dedicated Guided Tour.

The Security Inbox on the Cloud Security Management overview shows a list of prioritized security issues

To get started with Datadog Security, navigate to the Security > Setup page in Datadog, which has detailed information for single or multi-configuration, or follow the getting started sections below to learn more about each area of the platform.

Further Reading

Additional helpful documentation, links, and articles:

Check out the latest Datadog Security releases! (App login required).RELEASE NOTES more more See a Product Guided TourGUIDED TOUR more more Begin detecting threats with Cloud SIEMDOCUMENTATION more more Start tracking misconfigurations with CSM MisconfigurationsDOCUMENTATION more more Uncover kernel-level threats with CSM ThreatsDOCUMENTATION more more Read about security-related topics on Datadog's Security Labs blogSECURITY LABS more more Join an interactive session to elevate your security and threat detectionFOUNDATION ENABLEMENT more more Elevate AWS threat detection with Stratus Red TeamBLOG more more Best practices for securing Kubernetes applicationsBLOG more more Best practices for network perimeter security in cloud-native environmentsBLOG more more Best practices for data security in cloud-native infrastructureBLOG more more Security-focused chaos engineering experiments for the cloudBLOG more more