Cloud SIEM | Datadog

Detect malicious activity in Google Workspace apps with Datadog Cloud SIEM

Learn the common ways attackers take advantage of Google Workspace and how to detect their activity.

Add more context to Cloud SIEM detections and investigations with Datadog Reference Tables

Learn how to use custom lookup tables to connect business-critical data to your Cloud SIEM detection rules for ...

Stream logs in the OCSF format to your preferred security vendors or data lakes with Observability Pipelines

Learn how Observability Pipelines can transform your security logs into OCSF format before they leave your ...

How attackers take advantage of Microsoft 365 services

Learn the common ways an attacker takes advantage of Microsoft 365 services and how to detect their activity.

Measure and optimize security team efficiency with Cloud SIEM security operational metrics

Datadog Cloud SIEM security operational metrics provide deep insights into the performance of your security ...

Monitor your Cisco Umbrella network logs with Datadog Cloud SIEM

Learn how you can use Datadog Cloud SIEM to get centralized security visibility and threat detection across ...

Identify the secrets that make your cloud environment more vulnerable to an attack

Learn how to improve secrets management by getting visibility into existing API keys, credentials, and more in ...

From on-prem to cloud: Detect lateral movement in hybrid Azure environments

Learn how attackers take advantage of Microsoft Entra ID for lateral movement within Azure environments.

Monitor your Windows event logs with Datadog Cloud SIEM

Learn how you can use Datadog Cloud SIEM to get centralized security visibility and threat detection across ...

How we use Datadog for detection as code

Learn how we use our own products to implement and maintain a detection as code methodology across our ...

Monitor your SentinelOne logs and alerts with Datadog Cloud SIEM

Learn how you can use Datadog Cloud SIEM to get centralized endpoint security visibility into your SentinelOne ...

Monitor Slack audit logs with Datadog Cloud SIEM

Learn how a new content pack for Cloud SIEM lets you leverage Datadog’s Slack integration to perform ...

What’s new in Cloud SIEM Content Packs: September 2024

Learn about the latest additions to Cloud SIEM Content Packs and how they can help you strengthen security ...

Monitor the security of your Snowflake instance with Datadog Cloud SIEM

Learn about new, out-of-the-box threat detections available in Datadog Cloud SIEM to help you improve security ...

Monitor Teleport with Datadog

Learn how you can monitor the health and performance of your Teleport services and audit their activity.

Accelerate investigations with Datadog Cloud SIEM Risk-based Insights for AWS Entities

Learn how Datadog Cloud SIEM helps you efficiently prioritize security risks and get deeper insights into AWS ...

Backtest detection rules with Datadog Cloud SIEM Historical Jobs

Learn how Datadog Cloud SIEM enables you to create valuable signals from your historical logs.

Datadog Security extends compliance and threat protection capabilities for Google Cloud

Learn how Datadog provides centralized security monitoring for your Google Cloud environment.

Meet EO 14028 requirements with Datadog Log Management, Cloud Workload Security, and Cloud SIEM

Learn how Datadog’s cloud security and logging solutions are fully compliant with US government requirements ...

Monitor network attacks with Google Cloud Armor and Datadog

Learn how visualizing your Google Cloud Armor data within Datadog can help you better protect your application ...

Changes to Datadog Cloud SIEM

Learn about our new offering, Datadog Cloud SIEM 15-Months Retention, and what customers can expect moving ...

Organize and analyze your Google Cloud security findings with Datadog

Learn how the Google Cloud Security Command Center integration enables you to quickly detect threats to your ...

Build sufficient security coverage for your cloud environment

Learn about some of the challenges with and recommendations for building sufficient security coverage for your ...

Easily ingest and monitor security logs with Cloud SIEM Content Packs

Learn how Content Packs in Datadog Cloud SIEM help you quickly and easily obtain key insights into potential ...

Visualize activity in your Azure environment with Datadog Cloud SIEM Investigator

Learn how to use Datadog’s Cloud SIEM Investigator to understand user activity in Azure so you can triage ...

Integrate Sigma detection rules with Datadog Cloud SIEM

Learn how Sigma's out-of-the-box rules can help your security teams quickly and easily detect threats in your ...

Conduct historical security investigations with Datadog Cloud SIEM Investigator

Understand and contain attacks by investigating and visualizing log data from long-running security breaches.

Monitor network access with Twingate’s offering in the Datadog Marketplace

Visualize resource access and alert on suspicious network activity with the Twingate integration.

Use CIDR notation queries to filter your network traffic logs

Learn how to use CIDR notation in Datadog Log Management to easily search and analyze network traffic.

Monitor your firewall logs with Datadog

Learn how to maximize visibility into firewall activity with Datadog.

Enhance corporate application security with AWS Verified Access and Datadog

Learn how Datadog's Verified Access integration enables you to monitor access attempts across your ...

Search your logs efficiently with Datadog Log Management

Learn how saved recent searches, keyboard shortcuts, syntax highlighting, and other features help you build ...

Automate common security tasks and stay ahead of threats with Datadog Workflows and Cloud SIEM

Datadog Workflows enable you to automate tasks necessary to remediate issues, triage security signals, and ...

Centralize, triage, and track tickets with Datadog Case Management

Learn how you can create tickets to handle issues of any size or scope with Datadog Case Management.

Best practices for identity and access management in cloud-native infrastructure

Learn how you can start developing effective identity and access management controls for your cloud-native ...

Visualize activity in your Google Cloud environment with Datadog Cloud SIEM Investigator

Learn how Datadog Cloud SIEM provides shared context for security teams and DevOps to monitor activity in ...

Best practices for data security in cloud-native infrastructure

Learn best practices for securing application data and getting better visibility into data activity.

Monitor Boundary on the HashiCorp Cloud Platform with Datadog

Learn how to monitor and alert on key performance metrics for your HCP Boundary instances with Datadog.

Best practices for application security in cloud-native environments

Learn how to implement an effective strategy for keeping cloud-native applications secure.

Analyze security logs from Amazon Security Lake with Datadog

Learn how Datadog analyzes security logs and events from Amazon Security Lake to help you detect and remediate ...

Visualize activity in your AWS environment with Datadog Cloud SIEM Investigator

Learn how Datadog Cloud SIEM provides shared context for security teams and DevOps to monitor activity in ...

Identify and redact sensitive data in APM, RUM, and Events stream with Sensitive Data Scanner

Learn how the Datadog Sensitive Data Scanner enables you to identify and manage sensitive data leaks across ...

Monitor Content Security Policy violations with Datadog

Get full visibility into CSP reports so you can detect and address misconfigurations that may be affecting ...

Detect cryptocurrency mining in your environment with Datadog Cloud SIEM

Learn how Datadog can help you identify when an attacker is using your system resources to mine ...

Best practices for reducing sensitive data blindspots and risk

Learn some best practices for implementing an effective data compliance strategy for your environment.

How to manage log files using logrotate

Learn best practices for customizing the logrotate utility for your applications.

Detect suspicious login activity with impossible travel detection rules

Learn how Datadog Cloud SIEM's impossible travel detection rule type can help improve your organization's ...

Use Log Analytics to gain application performance, security, and business insights

Learn how to apply formulas and functions to your log data to answer 10 common questions about your ...

Best practices for securing Kubernetes applications

Learn how to improve Kubernetes security and mitigate legitimate threats to your applications.

Best practices for creating custom detection rules with Datadog Cloud SIEM

Learn how to create detection rules that enable you to efficiently identify and respond to security threats in ...

Secure HashiCorp Vault with Datadog Cloud SIEM

Learn about HashiCorp Vault security threats and how to detect them with Datadog.

Monitor your HCP Vault cluster with Datadog

Learn how Datadog can help you monitor key security and usage metrics for HCP Vault.

Build a modern data compliance strategy with Datadog's Sensitive Data Scanner

Learn how the Sensitive Data Scanner helps you discover, classify, and protect sensitive data in your logs, so ...

Detect security threats with anomaly detection rules

Datadog's anomaly detection security rules can help you quickly spot anomalous activity indicating potential ...

Monitor AWS FSx audit logs with Datadog

Learn how Datadog helps you analyze your Amazon FSx for Windows File Server audit event logs for file access ...

Key takeaways from the U.S. executive order on cybersecurity

Read this post to see how the executive order establishes a new baseline for agencies' cybersecurity ...

Resilience, DevSecOps, and other key takeaways from RSAC 2021

Read our breakdown of key security trends and highlights from the 2021 RSA Conference.

Automate remediation of threats detected by Datadog Cloud SIEM

Learn how to use webhooks to automate security operations based on your Datadog monitoring data.

Monitor Salesforce logs with Datadog

Learn how Datadog collects Salesforce events to help you monitor your environment's security and performance.

Detect application abuse and fraud with Datadog Cloud SIEM

Learn how Datadog helps you detect abuse of functionality tactics and techniques that are mapped to the MITRE ...

Detect unauthorized third parties in your AWS account

Learn how to use Datadog Cloud SIEM's new term detection method to secure your AWS environment against ...

Monitor HashiCorp Vault metrics and logs

A deep dive into the key metrics and logs for monitoring the health and performance of HashiCorp Vault.

Detect anomalous activity in your environment with new value–based Detection Rules

Learn how to use Datadog Cloud SIEM's new value detection method to monitor baseline activity across your ...

Best practices for monitoring Microsoft Azure platform logs

Learn how to get the most out of your Microsoft Azure platform logs and use them to secure your applications.

Key Kubernetes audit logs for monitoring cluster security

Learn some of the key Kubernetes API server audit logs that can help you detect potential threats to your ...

Best practices for monitoring authentication logs

Learn how to monitor authentication logs across your entire environment to more easily identify security ...

Collect and monitor Microsoft 365 audit logs with Datadog

Learn how our integration gives you a deeper level of insight into the security and performance of your Microsoft 365 services.

Monitor AWS Network Firewall with Datadog

Datadog gives you full visibility into traffic through AWS Network Firewall.

Monitor Oracle Cloud logs with Datadog

Collect and analyze Oracle Cloud logs with Datadog for more insight into your Oracle Cloud Infrastructure.

Datadog monitors Amazon Route 53

Get insights into your Amazon network’s Route 53 DNS traffic with Datadog.

Monitor Auth0 with Datadog

Enable Datadog's Auth0 integration to monitor logs for potential security threats.

Monitor Alcide kAudit logs with Datadog

Learn how Datadog's integration with Alcide kAudit gives you more visibility into your Kubernetes environment.

Monitor Carbon Black Defense logs with Datadog

Learn how Datadog can help you monitor your Carbon Black Defense logs and get full visibility into endpoint ...

Best practices for monitoring GCP audit logs

Learn how to monitor your Google Cloud audit logs for better visibility into GCP security with Datadog.

Monitor Cilium with Datadog

Integrate Cilium with Datadog to ensure your security policies are properly enforced across your containerized ...

Monitor AWS IAM Access Analyzer findings with Datadog

Deliver AWS IAM Access Analyzer findings to your Datadog account to ensure your AWS resources are secure.

Monitor Google Workspace with Datadog

Proactively monitor Google Workspace user and administrative activity by analyzing and alerting on audit logs ...

Signal Sciences brings real-time web attack visibility to Datadog

Signal Sciences users can see, analyze, and receive alerts from web application activity directly in Datadog.
