--- title: Setting up Cloud Security on Windows description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: >- Docs > Datadog Security > Cloud Security > Setting up Cloud Security > Deploying Cloud Security on the Agent > Setting up Cloud Security on Windows --- # Setting up Cloud Security on Windows Use the following instructions to enable Misconfigurations, Vulnerability Management, and Identity Risks on Windows. ## Prerequisites{% #prerequisites %} - Agent versions 7.52 and later. - Access to hosts running Windows Server 2016 or newer. ## Limitations{% #limitations %} - Windows containerized workloads are not supported. - Datadog detects vulnerabilities in Windows by identifying the Windows version and installed security knowledge base (KB) updates to address vulnerabilities associated with that version. However, some KB updates are cumulative and contain other KB updates, which might cause Datadog to misidentify which updates have been installed. - Datadog can't track vulnerability fixes that Windows applies outside of KB updates. - Datadog can't track vulnerabilities associated with third-party software. ## Installation{% #installation %} ### Installer{% #installer %} 1. [Install the Datadog Windows Agent](https://docs.datadoghq.com/agent/basic_agent_usage/windows/?tab=gui). 1. Right-click the downloaded `.msi` file and select **Run as administrator**. 1. Follow the prompts, accept the license agreement, and enter your [Datadog API key](https://app.datadoghq.com/organization-settings/api-keys). If you are upgrading from an existing version of the Agent, the installer may not prompt you for an API key. It can take up to 15 minutes to complete the installation. In certain cases, Microsoft Defender may cause slow installation progress. When the install finishes, you are given the option to launch the Datadog Agent Manager. ### Command line{% #command-line %} 1. Download the [Datadog Agent installer](https://docs.datadoghq.com/agent/basic_agent_usage/windows/?tab=commandline). 1. Follow the instructions for command line installation using command prompts or PowerShell. ## Configuration{% #configuration %} ### Enable Vulnerability scanning{% #enable-vulnerability-scanning %} 1. Update your Datadog Agent to 7.58 or later. 1. Ensure you have access to `C:\ProgramData`, which is a hidden folder. - In **File Explorer**, click the **View** tab, and clear the **Hidden items** checkbox. The **ProgramData** folder should now be visible when navigating to the `C:` drive. The transparent icon indicates it is a hidden folder. 1. In `C:\ProgramData\Datadog\datadog.yaml`, set the `sbom` and `host` flags: ``` sbom: enabled: true host: enabled: true ``` 1. [Restart the Datadog Agent](https://docs.datadoghq.com/agent/configuration/agent-commands/?tab=agentv6v7#restart-the-agent) to enable Cloud Security Vulnerability Management. ## Verify that the Agent is sending events to Cloud Security{% #verify-that-the-agent-is-sending-events-to-cloud-security %} To verify that the Agent is sending events to Cloud Security, go to [Cloud Security Overview](https://app.datadoghq.com/security/csm) and view the **Security Inbox** and **All Findings** sections. {% alert level="info" %} Collecting events using Cloud Security affects your billing. For more information, see [Datadog Pricing](https://www.datadoghq.com/pricing/?product=cloud-security-management#products). {% /alert %}