In the latest episode of This Month in Datadog, Jeremy shares how to run autonomous Cloud SIEM investigations, remediate vulnerabilities with auto-generated fixes, and use natural language to explore Datadog. Later, Sumedha Mehta spotlights the Datadog MCP Server, which gives AI agents real-time access to Datadog’s observability data. Then, Chetan Sharma walks through Datadog Experiments, which measures how product changes impact the user journey.

CVE-2026-31431— the “Copy Fail” vulnerability—is a critical local privilege escalation (LPE) flaw in the Linux kernel’s cryptographic subsystem that allows unprivileged users to gain root access with near-perfect reliability. Boasting a CVSS score of 7.8 and affecting nearly every mainstream distribution since 2017 (including Ubuntu, RHEL, and Amazon Linux), Copy Fail has been added to the CISA KEV catalog due to its active exploitation and portable, low-footprint nature.

Most current demonstrations of AI in security operations are lackluster. You ask a chat interface a question, get a summary, and maybe a suggested next step. The operator still does all the work, at human speed. Meanwhile, adversaries are already deploying AI offensively against their targets. AI in SecOps must ultimately be an operator. Otherwise, the gap between adversary and defender will become too wide to bridge. LimaCharlie Co-founder, Christopher Luft, demonstrates a simple way to get started.

As cyber threats continue to grow and become more threatening, it’s important for businesses to implement robust cybersecurity measures. SOC Support Consulting is becoming increasingly important for improving cybersecurity because it equips companies with the knowledge and tools to quickly identify and stop threats. According to Vectra AI, businesses leveraging SOCaaS are likely to detect threats 96% faster compared to those with an in-house SOC.

Modern developer environments expose sensitive context across files, prompts, logs, and commands. Learn how layered local controls reduce secrets risk.

Most enterprises are not running on a single cloud. The vast majority of organizations now operate in hybrid or multi-cloud environments and sensitive data follows wherever workloads go. Regulated files end up in S3 buckets. PII lands in BigQuery development tables. Source code copies into Azure Data Lake repositories that no policy anticipated. The problem is not that organizations chose to spread data across clouds. The problem is that most security programs were not built to track it.