Cloud Workload Security


Datadog Workload Security detects threats to your production workloads in real-time. With Workload Security, you can monitor file and process activity across your environment to detect threats to your infrastructure, like AWS EC2 instances, docker containers, or Kubernetes clusters, in real-time at the kernel level. Use File Integrity Monitoring (FIM) to watch for changes to key files and directories. Use Process Execution Monitoring to watch process executions for suspicious, malicious, or anomalous activity.

Cloud Workload Security detection rules in the Datadog app

Workload Security uses the Datadog Agent, so if you’re already using Datadog to monitor your environment (within the supported versions and platforms), there’s no need to provision additional resources or introduce new agents. If you don’t already have the Datadog Agent set up, start with setting up the Agent on a supported operating system. As a part of the Datadog platform, you can combine real-time threat detection with metrics, logs, traces, and other telemetry to see the full context surrounding a potential attack on your workloads.

Get started