Datadog Cloud SIEM unifies developer, operation, and security teams through one platform. Use a single dashboard to display DevOps content, business metrics, and security content. Detect threats, like a targeted attack, a threat intel listed IP communicating with your systems, or an insecure configuration, to your application and infrastructure in real time, and notify your team of security issues by email, slack, Jira, PagerDuty, or a webhook.
Threats are surfaced in Datadog as Security Signals and can be correlated and triaged in the Security Signals Explorer. Security Signals are generated by Datadog Cloud SIEM with Detection Rules. Detection Rules detect threats across different sources and are available out of the box for immediate use. You can clone any of the provided detection rules to change the configuration. You can also add a new rule from scratch to fit your specific use case.
Additional helpful documentation, links, and articles: