Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

April 2021

Detect unauthorized third parties in your AWS account

Detecting when an unauthorized third party is accessing your AWS account is critical to ensuring your account remains secure. For example, an attacker may have gained access to your environment and created a backdoor to maintain persistence within your environment. Another common (and more frequent) type of unauthorized access can happen when a developer sets up a third-party tool and grants it access to your account to monitor your infrastructure for operations or optimize your bill.

Detect anomalous activity in your environment with new term-based Detection Rules

When it comes to securing your production environment, it’s essential that your security teams are able to detect any suspicious activity before it becomes a more serious threat. While detecting clear-cut attacker techniques is essential, being able to spot unknowns is vital for full security coverage.

Bits of Security, Security Panel

Have a question you’ve been wanting to ask about security at scale, supply chain, or managing great security teams? Join our speakers, industry experts, and Datadog’s very own CISO for an AMA on the “Art of Defense.” We’ll explore all of the topics from the conference speaking sessions and open the door to questions on what we may see from attack and defense in 2021 and beyond.

Bits of Security

The past year introduced a plethora of challenges for security practitioners. While the range of cyber attacks has been vast, these attacks have been confronted with creative defense tactics and techniques. Join Datadog for a practitioner-focused event where we will examine the “Art of Defense,” which will include a range of topics from social problems to engineering challenges around supply chain attacks.

Bits of Security, Snyk.io: Stranger Danger: Finding Security Vulnerabilities Before They Find You!

Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk, since you’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user's data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we'll explain why it happened, show its impact, and—most importantly—learn how to avoid or fix it.

Bits of Security, PedidosYa: Fraud Detection using Datadog and Sherlock

From day one, most organizations,especially the big ones, are targeted with a broad range of attacks. These range from information exfiltration attempts to fraud. Although a great majority of them can be addressed with the help of a Web Application Firewall, there are some that require more extensive tooling. Join me as I show you how we use Sherlock and Datadog to block 30,000+ fraudulent users per week in seconds. We will also discuss other applications and how you can implement similar solutions.

Datadog acquires Sqreen to strengthen application security

We began our security journey last year with the release of Datadog Security Monitoring, which provides runtime security visibility and detection capabilities for your environment. Today, we are thrilled to announce that Sqreen, an application security platform, is joining the Datadog team. Together, these products further integrate the work of security, development, and ops teams—and provide a robust, full-stack security monitoring solution for the cloud age.