Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Datadog

Easily ingest and monitor security logs with Cloud SIEM Content Packs

Datadog Cloud SIEM helps customers protect their cloud environment and SaaS applications against threats with built-in threat detection rules, interactive dashboards, workflow blueprints, and in-depth support resources. These capabilities provide valuable insights into your security posture, so you can respond promptly to emerging threats. In order to generate these insights, Cloud SIEM analyzes log data, which users can start sending to Datadog by enabling one of our out-of-the-box integrations.

Visualize activity in your Azure environment with Datadog Cloud SIEM Investigator

Cloud infrastructures can comprise thousands of interconnected and dynamic resources. This complexity introduces unique challenges to monitoring and securing these architectures. Understanding where user activity originates—and what actions constitute security threats—is a complex task when you’re dealing with the huge volume of logs, metrics, and other telemetry that highly distributed cloud environments generate each day.

Automate incident response and security workflows with Blink in the Datadog Marketplace

Security and DevOps engineers often spend a lot of time and effort creating and managing complex, repetitive workflows, such as incident response, honeypotting, recovery and remediation, and more. Blink is a no-code security platform that enables users to create workflow automations, triggers, and self-service apps to streamline processes, better enforce guardrails, and eliminate operational bottlenecks.

How we use Datadog CSM to improve security posture in our cloud infrastructure

In complex cloud environments where the speed of development is accelerated, managing infrastructure and resource configurations can be an overwhelming task—particularly when certifications and compliance frameworks like PCI, HIPAA, and SOC 2 present a lengthy list of requirements. DevOps and engineering teams need to ship code updates at a rapid pace, making it easy for them to accidentally overlook misconfigurations.

Run Atomic Red Team detection tests in container environments with Datadog's Workload Security Evaluator

Ensuring your threat detection rules work as intended and provide sufficient coverage for major threats is a critical component of a security program. Red Canary’s Atomic Red Team—an open source library of detection tests that help teams validate the effectiveness of their security measures—has historically been the tool of choice for detection testing.

Integrate Sigma detection rules with Datadog Cloud SIEM

As organizations grow, they naturally need to analyze logs from more data sources. But as these data sources expand in number and type, it becomes more difficult for teams to scale their security detection rules to keep up with the ever-changing threat landscape. Sigma is an open source project that aims to address this challenge. By leveraging the expertise of the open source community, Sigma enables security teams to implement out-of-the-box rules that cover a wide range of threat scenarios.

Changes to Datadog Cloud Security Management

In order to better meet organizations’ specific requirements for securing their environments, we are making changes to our Cloud Security Management product. On August 1, Datadog introduced new offerings in Cloud Security Management: CSM Pro and CSM Enterprise. Alongside Datadog Cloud Workload Security, these distinct packages provide customers with security capabilities tailored to their particular use cases and needs.

Securing your Software Supply Chain

Composability has rapidly accelerated the pace of software development by allowing engineers to reuse openly shared libraries and packages. But the widespread adoption of these components also makes them an enticing avenue of attack for malicious actors. In this fireside session, André Arko (Head of Open Source, Ruby Central) and Dustin Ingram (Director, Python Software Foundation) will join Emilio Escobar (CISO, Datadog) for a discussion about securing your software supply chain.

Creating a Culture of Security

Just as DevOps is more than just CI/CD tooling, DevSecOps is more than simply scanning code for vulnerabilities in your deployment pipeline. Creating a culture where every engineer is invested in reducing risk and values security can be challenging. In this panel session, we’ll chat with engineering leaders from security, development, and operations to learn how they’re fostering a culture of security in their organizations.