Cloud Security Management

Overview

Datadog Cloud Security Management delivers real-time threat detection and continuous configuration audits across your entire cloud infrastructure - in a unified view for seamless collaboration and faster remediation. Powered by observability data, security teams can determine the impact of a threat quickly by tracing the full attack flow and identify the resource owner where a vulnerability was triggered. Engineers are able to actively monitor their security risks by incorporating security metrics into their existing workflow.

Cloud Security Management includes Cloud Security Posture Management (CSPM), and Cloud Workload Security (CWS).

Cloud Security Management in Datadog

Cloud Security Posture Management

Cloud Security Posture Management (CSPM) tracks the security hygiene and compliance posture of your production environment, can automate audit evidence collection, and catch misconfigurations that leave your organization vulnerable to attacks. See security posture scores across your infrastructure and trace each score back to the applicable benchmark or framework criteria.

Cloud Security Posture Management scores in Datadog

Cloud Workload Security

Cloud Workload Security (CWS) monitors file and process activity across your environment to detect threats to your infrastructure, like AWS EC2 instances, and workloads, like Kubernetes clusters, in real time at the kernel level. Cloud Workload Security uses the unified Datadog Agent, so if you’re already using Datadog to monitor your environment, there’s no need to provision additional resources.

Cloud Workload Security coverage views in Datadog

To get started with Datadog Security, navigate to the Setup & Configuration section in Datadog, which has detailed information for single or multi-configuration, or follow the getting started sections to learn more about each area of the platform.

Further reading