For a package-based deployment, install the Datadog package with your package manager, and then update the datadog.yaml, security-agent.yaml, and system-probe.yaml files.
/etc/datadog-agent/datadog.yaml
remote_configuration:
## @param enabled - boolean - optional - default: false## Set to true to enable remote configuration. enabled: trueruntime_security_config:
## @param enabled - boolean - optional - default: false## Set to true to enable Threat Detection enabled: truecompliance_config:
## @param enabled - boolean - optional - default: false## Set to true to enable CIS benchmarks for Misconfigurations.# enabled: true host_benchmarks:
enabled: true# Vulnerabilities are evaluated and scanned against your containers and hosts every hour.sbom:
enabled: true# Set to true to enable Container Vulnerability Management container_image:
enabled: true# Set to true to enable Host Vulnerability Management host:
enabled: true
/etc/datadog-agent/security-agent.yaml
runtime_security_config:
## @param enabled - boolean - optional - default: false## Set to true to enable Threat Detection enabled: truecompliance_config:
## @param enabled - boolean - optional - default: false## Set to true to enable CIS benchmarks for Misconfigurations.# enabled: true host_benchmarks:
enabled: true
By default, Runtime Security is disabled. To enable it, both the security-agent.yaml and system-probe.yaml files need to be updated.
If you use the Agent install script to enable Misconfigurations and Threat Detection, you must manually update the datadog.yaml file to enable host_benchmarks for Misconfigurations, and sbom and container_image for Container Vulnerability Management.