Cloud Security Posture Management

Datadog Cloud Security Posture Management (CSPM) makes it easier to assess and visualize the current and historic security posture of your cloud resources, automate audit evidence collection, and remediate misconfigurations that leave your organization vulnerable to attacks. By continuously surfacing security weaknesses resulting from misconfigurations, teams can mitigate risks while ensuring compliance with industry standards.

Detect misconfigurations across your cloud resources

Strengthen your security posture and achieve continuous compliance by detecting, prioritizing, and remediating misconfigurations across all your cloud resources using Datadog’s out-of-the-box detection rules.

View a high-level overview of your security posture on the Overview page. Examine the details of findings and analyze historical configurations with the Security Findings Explorer.

Maintain compliance with industry frameworks and benchmarks

CSPM comes with more than 400 out-of-the-box detection rules that are maintained by a team of security experts. The rules map to controls and requirements within compliance standards and industry benchmarks, such as PCI and SOC2 compliance frameworks.

View compliance reports to see how well you’re doing against each control in a compliance framework. The reports include details such as resources with the most failed findings, a comprehensive breakdown of the number of resources with pass/fail findings, and the top three high-severity rule failures.

Manage out-of-the-box and custom detection rules

Out-of-the-box detection rules surface the most important risks so that you can immediately take steps to remediate. Datadog continuously develops new default rules, which are automatically imported into your account. Customize the rules by defining how each rule scans your environment, create custom rules, and set up real-time notifications for failed findings.

Set up real-time notifications

Send real-time notifications when a new misconfiguration is detected in your environment, so that your teams can take action to mitigate the risk. Notifications can be sent to Slack, email, PagerDuty, webhooks, and more.

Use template variables and Markdown to customize notification messages. Edit, disable, and delete existing notification rules, or create new rules and define custom logic for when a notification is triggered based on severity and rule type.

Review and remediate findings

Investigate details using the Security Findings Explorer. View detailed information about a resource, such as configuration, detection rules applied to the resource, and tags that provide additional context about who owns the resource and its location within your environment. If a finding does not match your business use case or is an accepted risk, you can mute the finding up to an indefinite period of time.

Get started