Each OOTB rule maps to one or more controls within a compliance standard or industry benchmark. Datadog OOTB rules currently map to controls and requirements for the following frameworks and benchmarks:
Datadog CSPM is designed to provide you with visibility into whether your Resources are configured in accordance with certain Rules. Datadog’s OOTB Rules address various regulatory frameworks, benchmarks, and standards (“Security Posture Frameworks”). Please note that Datadog CSPM does not provide an assessment of your actual compliance with any Security Posture Framework, and the OOTB Rules may not address all configuration settings that are relevant to the Security Posture Frameworks. To be clear: just because your Resources pass the OOTB Rules does not mean that you are meeting all the requirements under any particular Security Posture Framework. Datadog is not providing legal or compliance advice or guidance, and we recommend that you use Datadog CSPM in consultation with your legal counsel or compliance experts.
On the Rules page, hover over a rule and click on the pencil icon to edit the rule. Under Define search queries, click the Advanced drop down menu to set filtering logic for how the rule scans your environment.
For example, you can remove all resources tagged with
env:staging using the Never trigger a signal when function. Or, limit the scope for a certain rule to resources tagged with
compliance:pci using the Only trigger a signal when function.
From the Rules page, you can add notification targets. The complete list of notification options are:
Additional helpful documentation, links, and articles: