In order to help organizations more effectively secure their cloud environments, we are making changes to our Cloud SIEM product. As of December 4, Datadog has introduced a new offering in Cloud SIEM: Cloud SIEM 15-Months Retention, which automatically stores logs for 15 months after ingestion.

GitHub is a mission-critical software development and version control platform that is used to store proprietary source code and other sensitive data. Monitoring logs generated by activity in your GitHub environment can be useful, as unexpected patterns of behavior could indicate attacker activity or insider threats.

As government agencies accelerate their adoption of cloud technologies—particularly SaaS applications—they need to adhere to strict compliance and security standards. The Federal Risk and Authorization Management Program (FedRAMP) sets these standards for civilian federal agencies, while the Impact Levels laid out by the Defense Information Systems Agency (DISA) in their Cloud Computing Security Requirements Guide set guidelines for Department of Defense (DoD) agencies.

As your cloud infrastructure scales to handle the weight of new features and a growing user base, your attack surface increases as well. When combined with the steady rise in security threats—more than 25,000 vulnerabilities were identified in 2022 alone—identifying every risk to your distributed system can be a challenge.

Cloud environments comprise hundreds of thousands of individual components, from infrastructure-level containers and hosts to access-level user and cloud accounts. With this level of complexity, continuous and end-to-end visibility into your environment is vital for detecting, prioritizing, and fixing vulnerabilities before attackers can take advantage of them.

In today’s complex cloud environments, security and engineering teams need to manage vulnerabilities and misconfigurations across multiple layers of the stack, including cloud resources, clusters, containers, and applications. Often, this results in a lengthy list of problems that lacks prioritization and is daunting for users to address.

Managing sensitive information in your telemetry data poses many challenges to governance, risk management, and compliance (GRC) teams and overall security. Organizations in healthcare, finance, insurance, and other fields must carefully adhere to strict compliance requirements. But sensitive data comes in many forms and moves between many endpoints, and as a result, it can easily become exposed in telemetry data.

Identity and access management (IAM) systems are necessary for authenticating and authorizing access to your environment. However, their mismanagement is one of the leading causes of breaches and insider threats today. Engineering teams must rapidly provision identities and permissions to keep pace with infrastructure growth—consequently, the ratio of non-human or machine identities to every human identity is also increasing at a substantial rate.

We recently released the State of Cloud Security study, where we analyzed the security posture of thousands of organizations using AWS, Azure, and Google Cloud. In particular, we found that: In this post, we provide key recommendations based on these findings, and we explain how you can leverage Datadog Cloud Security Management (CSM) to improve your security posture.

The modern application landscape is rapidly evolving, creating new tools, technologies, and processes that allow organizations to deploy production code faster. But risks to application security have also changed significantly, requiring the security discipline to evolve in order to adapt to new types of attacks.