May 2022

Monitor Content Security Policy violations with Datadog

May 23, 2022 By Jb Aviat In Datadog

Content Security Policy (CSP) is a W3C standard that helps defend web applications against cross-site scripting (XSS), clickjacking, and other code injection attacks. CSP is often deployed by using an HTTP header (or, less commonly, a element) to specify which types of resources are allowed to load on your site and where those resources can come from.

Read Post

Datadog

Read more about Monitor Content Security Policy violations with Datadog

Datadog on Detecting Threats using Network Traffic Flows

May 9, 2022 By Datadog In Datadog

At Datadog’s scale, with over 18,000 customers sending trillions of data points per day, analyzing the volume of data coming in can be challenging. One of the largest log sources internally at Datadog are networking logs. Being able to analyze and make sense of them is critical to keep Datadog secure. To help with the task, we have built a flow analysis pipeline that alerts against network level Indicators of Compromise (IOCs) like IP address, port combinations, and data exchanged.

View Video

Datadog

Read more about Datadog on Detecting Threats using Network Traffic Flows

Security Is Everyone's Job - Linux Vulnerabilities in Production Infra (Nick Davis)

May 3, 2022 By Datadog In Datadog

Security vulnerabilities can show up anywhere in production. In this talk, Nick Davis from Datadog describes an approach to improve the response to new security vulnerabilities, with specifics around the DirtyPipe vulnerability.

View Video