Threat Detection | Datadog

How we use Datadog for detection as code

Learn how we use our own products to implement and maintain a detection as code methodology across our ...

Datadog delivers smarter vulnerability remediation

Learn how innovations in Datadog Software Composition Analysis and Cloud Security Management help security ...

A deep dive into investigating a complex denial-of-service attack

Learn how we used our own products to detect, investigate, and mitigate a complex attack against our load ...

Monitor the security of your Snowflake instance with Datadog Cloud SIEM

Learn about new, out-of-the-box threat detections available in Datadog Cloud SIEM to help you improve security ...

Fix key cloud security risks with version 2 of the Essential Cloud Security Controls Ruleset

Learn how version 2 of the Essential Cloud Security Controls ruleset for CSM, with support for Kubernetes, ...

Backtest detection rules with Datadog Cloud SIEM Historical Jobs

Learn how Datadog Cloud SIEM enables you to create valuable signals from your historical logs.

Key metrics for monitoring AWS WAF

Learn about key metrics for monitoring how well your AWS web application firewalls manage traffic and prevent ...

Tools for collecting AWS WAF data

Learn how you can collect and analyze AWS WAF metrics and logs using AWS's suite of monitoring tools.

Monitor AWS WAF activity with Datadog

Learn how you can collect and monitor AWS WAF activity with Datadog.

Prioritize vulnerability remediation with Datadog SCA

See the full context of each vulnerability and its impact on your running code.

Secure your Windows workloads with Datadog Cloud Security Management

Learn how Datadog Cloud Security Management detects threats in real time to protect your Windows cloud-native ...

Detect and stop unauthorized cryptomining in your cloud workloads with Datadog CSM Threats

Learn how Datadog detects and stops threat actors who are taking advantage of cloud resources to mine for ...

Detect malware in your containers with Datadog Cloud Security Management

We now supplement our internal threat intelligence with third-party feeds to help you root out evolving ...

State of Cloud Security

We analyzed data from thousands of organizations to understand the latest trends in cloud security posture.

Security-focused chaos engineering experiments for the cloud

Learn how to approach chaos engineering experiments with the security of your cloud resources in mind.

Build sufficient security coverage for your cloud environment

Learn about some of the challenges with and recommendations for building sufficient security coverage for your ...

Integrate Sigma detection rules with Datadog Cloud SIEM

Learn how Sigma's out-of-the-box rules can help your security teams quickly and easily detect threats in your ...

Conduct historical security investigations with Datadog Cloud SIEM Investigator

Explore and visualize log data from long-running security breaches to understand and contain attacks.

AWS threat emulation and detection validation with Stratus Red Team and Datadog Cloud SIEM

Learn how to use Stratus Red Team and Datadog Cloud SIEM to emulate AWS attacks and detect new threats.

Monitor Windows event logs with Datadog

Learn how Windows event logs can help you monitor your environment's security boundaries and provide ...

State of Application Security

We analyzed data from thousands of organizations to discover which vulnerabilities really matter, which ...

Best practices for identity and access management in cloud-native infrastructure

Learn how you can start developing effective identity and access management controls for your cloud-native ...

Visualize activity in your Google Cloud environment with Datadog Cloud SIEM Investigator

Learn how Datadog Cloud SIEM provides shared context for security teams and DevOps to monitor activity in ...

Best practices for detecting and evaluating emerging vulnerabilities

Learn how to assess emerging vulnerabilities and develop an emergency-response playbook.

Block attackers in your apps with Datadog Application Security Management

Datadog Application Security Management now includes Protection capabilities that enable you to block attack ...

Best practices for data security in cloud-native infrastructure

Learn best practices for securing application data and getting better visibility into data activity.

Gain visibility into risks, vulnerabilities, and attacks with APM Security View

APM Security View surfaces security data within the Service Catalog, Service Page, and distributed tracing to ...

Best practices for application security in cloud-native environments

Learn how to implement an effective strategy for keeping cloud-native applications secure.

Fix common cloud security risks with the Essential Cloud Security Controls Ruleset

Learn how the Essential Cloud Security Controls Ruleset for CSM helps DevOps and security teams manage high ...

Visualize activity in your AWS environment with Datadog Cloud SIEM Investigator

Learn how Datadog Cloud SIEM provides shared context for security teams and DevOps to monitor activity in ...

Best practices for endpoint security in cloud-native environments

Learn best practices for securing all the resources and devices connected to either an organization's network ...

Best practices for network perimeter security in cloud-native environments

Learn best practices for securing the boundaries of your cloud network.

Collect GitHub audit logs and scanning alerts with Datadog

Learn how you can use Datadog to analyze your organization's GitHub activity and get alerted to code-level ...

Catch attacks at the network layer with DNS-based threat detection

Learn how Datadog's DNS-based threat detection rules can help you secure your applications and infrastructure.

The Confluence RCE vulnerability (CVE-2022-26134): Overview, detection, and remediation

Learn how the Confluence RCE vulnerability works, how to detect it, and how Datadog can help you secure your ...

Detect cryptocurrency mining in your environment with Datadog Cloud SIEM

Learn how Datadog can help you identify when an attacker is using your system resources to mine ...

The Spring4Shell vulnerability: Overview, detection, and remediation

Learn how the Spring4Shell vulnerability works, how to detect it, and how Datadog can help you secure your ...

The Dirty Pipe vulnerability: Overview, detection, and remediation

Learn how the Dirty Pipe vulnerability works, how to detect it, and how Datadog can help you secure your ...

Detect suspicious login activity with impossible travel detection rules

Learn how Datadog Cloud SIEM's impossible travel detection rule type can help improve your organization's ...

Best practices for securing Kubernetes applications

Learn how to improve Kubernetes security and mitigate legitimate threats to your applications.

Introducing Datadog Application Security Management

Datadog Application Security Management empowers security, operations, and development teams to build and run ...

The PwnKit vulnerability: Overview, detection, and remediation

Learn how the PwnKit vulnerability works, how to detect it, and how Datadog can help you secure your systems.

Elevate AWS threat detection with Stratus Red Team

Learn how you can emulate common attack techniques directly in your cloud environment with our new open source ...

Best practices for creating custom detection rules with Datadog Cloud SIEM

Learn how to create detection rules that enable you to efficiently identify and respond to security threats in ...

The Log4j Log4Shell vulnerability: Overview, detection, and remediation

Learn how the Log4Shell vulnerability works, how to detect it, and how Datadog can help you secure your ...

Secure HashiCorp Vault with Datadog Cloud SIEM

Learn about HashiCorp Vault security threats and how to detect them with Datadog.

Monitor your Netlify sites with Datadog

Learn how to use Datadog to collect function and traffic logs to monitor your Netlify-powered applications.

How to detect security threats in Linux processes

Learn how to spot signs of security threats in Linux processes.

Automate remediation of threats detected by Datadog Cloud SIEM

Learn how to use webhooks to automate security operations based on your Datadog monitoring data.

Detect application abuse and fraud with Datadog Cloud SIEM

Learn how Datadog helps you detect abuse of functionality tactics and techniques that are mapped to the MITRE ...

Detect unauthorized third parties in your AWS account

Learn how to use Datadog Cloud SIEM's new term detection method to secure your AWS environment against ...

Detect anomalous activity in your environment with new value–based Detection Rules

Learn how to use Datadog Cloud SIEM's new value detection method to monitor baseline activity across your ...

Key Kubernetes audit logs for monitoring cluster security

Learn some of the key Kubernetes API server audit logs that can help you detect potential threats to your ...

Collect and monitor Microsoft 365 audit logs with Datadog

Learn how our integration gives you a deeper level of insight into the security and performance of your Microsoft 365 services.

Datadog monitors Amazon Route 53

Get insights into your Amazon network’s Route 53 DNS traffic with Datadog.

Monitor Auth0 with Datadog

Enable Datadog's Auth0 integration to monitor logs for potential security threats.

Monitor Carbon Black Defense logs with Datadog

Learn how Datadog can help you monitor your Carbon Black Defense logs and get full visibility into endpoint ...

Monitor AWS IAM Access Analyzer findings with Datadog

Deliver AWS IAM Access Analyzer findings to your Datadog account to ensure your AWS resources are secure.

Monitor Twistlock with Datadog

Datadog's new integration with Twistlock allows you to monitor security and compliance alongside your ...

...
...