Runtime Code Analysis (IAST) | Datadog
Detect real vulnerabilities in your production application’s code and fix them faster with observability context
Security

Runtime Code Analysis (IAST)

Detect real vulnerabilities in your production application’s code and fix them faster with observability context

Feature Overview

Datadog Runtime Code Analysis (IAST) detects real code vulnerabilities in production environments by continuously monitoring your application at runtime. With a unique, production-ready Interactive Application Security Testing (IAST) approach, Runtime Code Analysis (IAST) allows DevOps and Security teams to identify and prioritize the most critical vulnerabilities before they become costly breaches, all while providing actionable insights and recommended fixes.

See also

View documentation View pricing

Detect vulnerabilities in your production code

  • Continuously discover vulnerabilities in your first-party code during runtime without impacting application performance
  • Eliminate false positives with an IAST approach that achieved 100% in OWASP Benchmark and in over twenty additional detection rules
  • Monitor internal code operations and interactions with other components to get an accurate, up-to-date view of your attack surface
A SQL Injection vulnerability that was found in production code during runtime
A SQL Injection vulnerability that was found in production code during runtime

Prioritize critical vulnerabilities with observability context

  • Focus on vulnerabilities that matter the most with the Datadog Severity Score, which factors in environment and real-time threat activity
  • Pivot between vulnerable services, affected cloud workloads, and infrastructure hosts to fix issues with the highest business impact
  • Track real-time risk with continuous monitoring of real application traffic for understanding vulnerability exposure

Accelerate Remediation with Source Code Integration

  • Quickly find the source of any vulnerability with code snippets, affected file and method names, and line numbers
  • Pinpoint root causes faster and streamline investigations by identifying which version introduced a vulnerability and by which commit
  • Reduce risk exposure time by easily fixing vulnerabilities in your code with guided remediation steps and example code
Fix code vulnerabilities with guided remediation steps to improve security posture
Fix code vulnerabilities with guided remediation steps to improve security posture

Unify workstreams for code vulnerability management

  • Seamlessly integrate code vulnerability management within your existing workstreams using Datadog’s Jira and CI integrations
  • Reduce security risk faster by enabling DevOps and security teams to collaborate more effectively and take action based on a single source of truth
  • Improve application security posture by using the same components already installed by development teams for performance monitoring

REPORT: STATE OF DEVSECOPS 2024

Read seven facts about the 2024 cloud applications security landscape
Read the report

Resources

Find vulnerabilities in your code with Datadog Code Security

BLOG

Find vulnerabilities in your code with Datadog Code Security

Enhance application security in production with Datadog Code Security

BLOG

Enhance application security in production with Datadog Code Security

Datadog Code Security achieves 100 percent accuracy in OWASP Benchmark by using an IAST approach

BLOG

Datadog Code Security achieves 100 percent accuracy in OWASP Benchmark by using an IAST approach

Getting Started with Code Security

OFFICIAL DOCS

Getting Started with Code Security

What's Next

Get started today with a 14-day free-trial of Runtime Code Analysis (IAST)

Learn more

Request a Demo

View documentation View pricing