Use the following instructions to enable Misconfigurations and Vulnerability Management.
Collecting events using Cloud Security Management will affect your billing. For more information, see Datadog Pricing.
Prerequisites
Datadog Agent version 7.46 or later.
Installation
For a package-based deployment, install the Datadog package with your package manager, and then update the files listed below.
/etc/datadog-agent/datadog.yaml
compliance_config:
## @param enabled - boolean - optional - default: false## Set to true to enable CIS benchmarks for Misconfigurations.# enabled: true host_benchmarks:
enabled: true# Vulnerabilities are evaluated and scanned against your containers and hosts every hour.sbom:
enabled: true# Set to true to enable Container Vulnerability Management container_image:
enabled: true# Set to true to enable Host Vulnerability Management host:
enabled: true
/etc/datadog-agent/security-agent.yaml
compliance_config:
## @param enabled - boolean - optional - default: false## Set to true to enable CIS benchmarks for Misconfigurations.# enabled: true host_benchmarks:
enabled: true
Notes:
You can also use the following Agent install script to automatically enable Misconfigurations and Threat Detection:
If you use the Agent install script to enable Misconfigurations and Vulnerability Management, you must manually update the datadog.yaml file to enable host_benchmarks for Misconfigurations, and sbom and container_image for Vulnerability Management.