Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Making Content Security Policies (CSPs) easy with Page Shield

Modern web applications are complex, often loading JavaScript libraries from tens of different sources and submitting data to just as many. This leads to a vast attack surface area and many attack types that hackers may leverage to target the user browser directly. Magecart, a category of supply chain attack, is a good example.

NIST Cloud Security: Standards, Best Practices, & Benefits

Latest cloud security statistics reveal that 91% of all organizations have some portion of their IT environment hosted in cloud platforms. While cloud computing comes with many benefits, companies have trouble scaling up the security to meet the data and privacy challenges posed by it.

91% of Cybersecurity Professionals Have Experienced Cyber Attacks that Use AI

A new report takes an exhaustive look at how cybersecurity professionals see the current and future state of attacks, and how well vendors are keeping up. The role of artificial intelligence (AI) in cyber attacks and cyber defenses can be pretty confusing.

How To Write A Post-Audit Cloud Security Report

A post-audit cloud security report is a document that provides an overview of the security status of the cloud environment, infrastructure, and applications of a business. It verifies that vulnerabilities and security flaws have been identified and assessed, and offers recommendations to address these security gaps.

Easily Enable Encryption: Secure Cloud-native Development Series

Build secure cloud-native applications by avoiding the top five security pitfalls we lay out in our Secure Cloud-native Development Series. This blog is the fourth part of the series, and it will teach you why and how to easily enable encryption and save yourself headaches down the road. Here's a new motto: encrypt everything! When securely moving to cloud-native technologies, building encryption in from the start will save us a lot of headaches later.

Best in Class

Why AWS indeed. This is not one of those start with why posts, but hopefully a peek into the reasons behind our partnership with AWS and what that means for you and how it could benefit you. The beginnings of something great Public cloud is well established, with about 50% of all workloads now running in a public cloud location. We have heard of ”the big three” cloud providers: AWS, Azure, and Google Cloud.

Is Open Source Software Dead?

Open source software (OSS) has driven technological growth for decades due to its collaborative nature and ability to share information rapidly. However, major OSS security vulnerabilities like Log4j, Heartbleed, Shellshock and others have raised concerns about the security and sustainability of similar projects. At the same time, major open source-based companies have changed their OSS licenses, like MongoDB, Elastic (formerly ElasticSearch), Confluent, Redis Labs and most recently, HashiCorp.

Easily ingest and monitor security logs with Cloud SIEM Content Packs

Datadog Cloud SIEM helps customers protect their cloud environment and SaaS applications against threats with built-in threat detection rules, interactive dashboards, workflow blueprints, and in-depth support resources. These capabilities provide valuable insights into your security posture, so you can respond promptly to emerging threats. In order to generate these insights, Cloud SIEM analyzes log data, which users can start sending to Datadog by enabling one of our out-of-the-box integrations.