Cloud Security Management

Datadog Cloud Security Management (CSM) delivers real-time threat detection and continuous configuration audits across your entire cloud infrastructure, all in a unified view for seamless collaboration and faster remediation. Powered by observability data, security teams can determine the impact of a threat by tracing the full attack flow and identify the resource owner where a vulnerability was triggered.

CSM leverages the Datadog Agent and platform-wide cloud integrations and includes:

• Threats: Monitors file, network, and process activity across your environment to detect real-time threats to your infrastructure.
• Misconfigurations: Tracks the security hygiene and compliance posture of your production environment, automates audit evidence collection, and enables you to remediate misconfigurations that leave your organization vulnerable to attacks.
• Identity Risks: Provides in-depth visibility into your organization’s AWS IAM risks and enables you to detect and resolve identity risks on an ongoing basis.
• Vulnerabilities: Leverages infrastructure observability to detect, prioritize, and manage vulnerabilities in your organization’s containers and hosts.

Track your organization’s health

Available for CSM Misconfigurations, the security posture score helps you track your organization’s overall health. The score represents the percentage of your environment that satisfies all of your active out-of-the-box cloud and infrastructure compliance rules.

Improve your organization’s score by remediating misconfigurations, either by resolving the underlying issue or by muting the misconfiguration.

Explore and remediate issues

Use the Explorers to review and remediate your organization’s security detections. View detailed information about a detection, including guidelines and remediation steps. Send real-time notifications when a threat is detected in your environment, and use tags to identify the owner of an impacted resource.

Investigate resources

Use the Resource Catalog to view specific misconfigurations and threats that have been reported on the hosts and resources in your environments. See Resource Catalog for more information.

Subscribe to weekly digest reports

Receive a weekly summary of Cloud Security Management activity over the past week, including important new security issues discovered in the last seven days. Subscriptions to the weekly digest report are managed on a per user basis. To subscribe to the weekly digest report, you must have the security_monitoring_signals_read permission.

Next steps

To get started with CSM, navigate to the Security > Setup section in Datadog, which has detailed steps on how to set up and configure CSM. For more information, see Setting Up Cloud Security Management.

Further reading

Additional helpful documentation, links, and articles:

See What's New in Datadog Security ComplianceRELEASE NOTES Start tracking misconfigurations with CSM MisconfigurationsDOCUMENTATION Uncover kernel-level threats with CSM ThreatsDOCUMENTATION Elevate AWS threat detection with Stratus Red TeamBLOG Best practices for securing Kubernetes applicationsBLOG Run Atomic Red Team detection tests in container environments with Datadog’s Workload Security EvaluatorBLOG Add security context to observability data with Datadog Cloud Security ManagementBLOG Fix common cloud security risks with the Datadog Security Labs RulesetBLOG Best practices for application security in cloud-native environmentsBLOG Customize rules for detecting cloud misconfigurations with Datadog Cloud Security ManagementBLOG Build sufficient security coverage for your cloud environmentBLOG Key learnings from the State of Cloud Security studyBLOG