Datadog Cloud Workload Security (CWS) detects threats to your production workloads in real-time. With Cloud Workload Security, monitor file and process activity across your environment to detect threats to your infrastructure, like AWS EC2 instances, docker containers, or Kubernetes clusters, in real-time at the kernel level. Use File Integrity Monitoring (FIM) to watch for changes to key files and directories. Use Process Execution Monitoring to monitor process executions for suspicious, malicious, or anomalous activity.
Cloud Workload Security uses the Datadog Agent, so if you’re already using Datadog to monitor your environment, there’s no need to provision additional resources or introduce new agents. If you don’t already have the Datadog Agent set up, start with setting up the Agent. As a part of the Datadog platform, you can easily combine real-time threat detection with metrics, logs, traces, and other telemetry to see the full context surrounding a potential attack on your workloads.
Additional helpful documentation, links, and articles: