Enabling ASM

Enable your application to detect and protect against threats targeting your production systems, and to manage risks in your code and its open source dependencies, using the Datadog library for your application language. You can detect vulnerabilities and threats for apps hosted on a server, Docker, Kubernetes, AWS ECS, and (for supported languages) AWS Fargate.

In general, setting up Application Security Management (ASM) involves:

1. Identifying services that are vulnerable or are under attack, which would most benefit from ASM. Find them on the Security tab of your Service Catalog.
2. Updating to the latest Datadog library (the most recent APM tracing library).
3. Enabling the library to collect the application security data from the services and send it to Datadog.
4. Triggering security signals in your application and seeing how Datadog displays the resulting information.

Prerequisites

• The Datadog Agent is installed and configured for your application’s operating system or container, cloud, or virtual environment.
• Datadog APM is configured for your application or service, and traces are being received by Datadog.
• If your service is running with an Agent with Remote Configuration enabled and a tracing library version that supports it, you can block attackers from the Datadog UI without additional configuration of the Agent or tracing libraries.

Select your application language for details on how to do these steps for your language and infrastructure types.

Further Reading

Additional helpful documentation, links, and articles:

Protect against Threats with Datadog Application Security ManagementDOCUMENTATION Programming Language and Framework CompatibilityDOCUMENTATION Tracking user activityDOCUMENTATION OOTB Application Security Management RulesDOCUMENTATION Troubleshooting Application Security ManagementDOCUMENTATION How Application Security Management Works in DatadogDOCUMENTATION Secure serverless applications with Datadog ASMBLOG