Use the following instructions to enable container image metadata collection and Software Bill of Materials (SBOM) collection in the Datadog Agent for CSM Vulnerabilities. This allows you to scan the libraries in container images to detect vulnerabilities. Vulnerabilities are evaluated and and scanned against your containers every hour.

To learn more about the supported deployment types for each CSM feature, see Setting Up Cloud Security Management.

  1. Add the following to the datadog.yaml configuration file:

    sbom:
      enabled: true
      container_image:
        enabled: true
    container_image:
      enabled: true
    
  2. Restart the Agent.