Cloud Security Management
Join an enablement webinar session
Learn how Datadog Cloud SIEM and Cloud Security Management elevate your organization's threat detection and investigation for dynamic, cloud-scale environments.
Datadog Cloud Security Management (CSM) delivers deep visibility, continuous configuration audits, identity risk assessments, vulnerability detection, and real-time threat detection across your entire cloud infrastructure—all in a unified platform for seamless collaboration and faster remediation.
Security and DevOps teams can act on the shared context of observability and security data to quickly prioritize and remediate issues.
CSM leverages both the Datadog Agent and Agentless. It includes a variety of features you can enable to manage different facets of your organization’s security:
- Threats: Monitors file, network, and process activity across your environment to detect real-time threats to your infrastructure.
- Misconfigurations: Tracks the security hygiene and compliance posture of your production environment, automates audit evidence collection, and enables you to remediate misconfigurations that leave your organization vulnerable to attacks.
- Identity Risks: Provides in-depth visibility into your organization’s AWS IAM, Azure, and GCP risks, and enables you to detect and resolve identity risks on an ongoing basis.
- Vulnerabilities: Continuously detect, prioritize, and remediate exploitable vulnerabilities in your container images, host images, and hosts running in your infrastructure.
Collecting events using Cloud Security Management will affect your billing. For more information, see
Datadog Pricing.
Track your organization’s health
Available for CSM Misconfigurations, the security posture score helps you track your organization’s overall health. The score represents the percentage of your environment that satisfies all of your active out-of-the-box cloud and infrastructure compliance rules.
Improve your organization’s score by remediating misconfigurations, either by resolving the underlying issue or by muting the misconfiguration.
For an overview of your Cloud Security and Application Security findings, sorted by importance, use the Security Inbox.
To get more detail, use the Explorers to review and remediate your organization’s security findings concerning misconfigurations, vulnerabilities, and identity risks. View detailed information about a finding, including guidelines and remediation steps. Send real-time notifications when a threat is detected in your environment, and use tags to identify the owner of an impacted resource.
Investigate resources
Resource Catalog is not supported for your selected
Datadog site (
).
Use the Resource Catalog to view specific misconfigurations and threats that have been reported on the hosts and resources in your environments. For more information, see the Resource Catalog documentation.
Subscribe to weekly digest reports
Receive a weekly summary of Cloud Security Management activity over the past week, including important new security issues discovered in the last seven days. Subscriptions to the weekly digest report are managed on a per user basis. To subscribe to the weekly digest report, you must have the security_monitoring_signals_read permission.
Learn about emerging threats and vulnerabilities
Use the Security Research Feed to stay current with the latest security developments, with content managed by Datadog’s Security Research and Detection Engineering teams. For more information, see the Security Research Feed documentation.
Next steps
To get started with CSM, navigate to the Cloud Security Management Setup page in Datadog, which has detailed steps on how to set up and configure CSM. For more information, see Setting Up Cloud Security Management.
Further reading
Additional helpful documentation, links, and articles:
