Datadog Cloud Security Posture Management (CSPM) makes it easier to assess and visualize the current and historic security posture of your cloud environment, automate audit evidence collection, and catch misconfigurations that leave your organization vulnerable to attacks.
Assess the configuration of your cloud resources, such as security groups, storage buckets, load balancers, and databases against configuration rules. Use the Datadog Agent to review local configuration information from servers, containers, and Kubernetes clusters against Datadog’s OOTB security posture rules.
Average security configuration score: Percentage of your environment that satisfies all of your active Datadog’s OOTB rules. Formula:
(# of resources with 0 findings) / (total # of resources scanned).
Requirement: A group of controls representing a single technical or operational topic, such as Access Management or Networking. The regulatory framework PCI DSS, for example, has 12 requirements.
Control: A specific recommendation for how technology, people, and processes should be managed; typically based on a regulation or industry standard.
Resource: A configurable entity that needs to be continuously scanned for adherence with one or more controls. Examples of AWS instance resources include hosts, containers, security groups, users, and customer-managed IAM policies.
Additional helpful documentation, links, and articles: