Setting Up Cloud Security Management

Cloud Security Management is not supported for your selected Datadog site ().

Cloud Security Management offerings are now available in three separate packages: CSM Enterprise, CSM Pro, and CSM Workload Security. For more information, see Changes to Datadog Cloud Security Management.

Cloud Security Management (CSM) delivers real-time threat detection and continuous configuration audits across your entire cloud infrastructure, all in a unified view for seamless collaboration and faster remediation.

CSM is available in three packages: CSM Enterprise, CSM Pro, and CSM Workload Security. Each package includes access to a specific set of features, as shown in the following table:

PackageFeatures
CSM Enterprise
CSM Pro
CSM Workload Security

Notes:

Prerequisites

    • Datadog Agent 7.44 or later.
    • Data collection is done using eBPF, so Datadog minimally requires platforms that have underlying Linux kernel versions of 4.15.0+ or have eBPF features backported. CSM Threats supports the following Linux distributions:
      • Ubuntu LTS (18.04, 20.04, and 22.04)
      • Debian 10 or later
      • Amazon Linux 2 (kernels 4.15, 5.4, and 5.10) and 2023
      • SUSE Linux Enterprise Server 12 and 15
      • Red Hat Enterprise Linux 7, 8, and 9
      • Oracle Linux 7, 8, and 9
      • CentOS 7
      • Custom kernel builds are not supported.
    • For compatibility with a custom Kubernetes network plugin like Cilium or Calico, see the Troubleshooting page.

    To enable CSM Pro, you must first set up the Datadog cloud account integrations for AWS, Azure, and Google Cloud Platform.

    • Datadog Agent 7.44 or later.
    • Data collection is done using eBPF, so Datadog minimally requires platforms that have underlying Linux kernel versions of 4.15.0+ or have eBPF features backported. CSM Threats supports the following Linux distributions:
      • Ubuntu LTS (18.04, 20.04, and 22.04)
      • Debian 10 or later
      • Amazon Linux 2 (kernels 4.15, 5.4, and 5.10) and 2023
      • SUSE Linux Enterprise Server 12 and 15
      • Red Hat Enterprise Linux 7, 8, and 9
      • Oracle Linux 7, 8, and 9
      • CentOS 7
      • Custom kernel builds are not supported.
    • For compatibility with a custom Kubernetes network plugin like Cilium or Calico, see the Troubleshooting page.

    Further Reading

    Additional helpful documentation, links, and articles:

    Getting Started with Cloud Security ManagementDOCUMENTATION more more Explore default cloud configuration compliance rulesDOCUMENTATION more more Learn more about Datadog Cloud Runtime SecurityBLOG more more How to detect security threats in your systems' Linux processesBLOG more more The PwnKit vulnerability: Overview, detection, and remediationBLOG more more The Dirty Pipe vulnerability: Overview, detection, and remediationBLOG more more Using the Dirty Pipe Vulnerability to Break Out from ContainersBLOG more more Catch attacks at the network layer with DNS-based threat detectionBLOG more more