Sensitive Data Scanner | Datadog
Sensitive Data Scanner

Sensitive Data Scanner

Discover, classify, and redact sensitive data to build a modern compliance strategy at scale.

Datadog’s Sensitive Data Scanner helps businesses meet security and compliance goals by discovering, classifying, and redacting sensitive data across logs, traces, RUM, and events — in real-time and at scale. Datadog scans sensitive data at or prior to ingestion, and hashes or redacts this data following built-in or user-defined rules to help businesses stay compliant with GDPR, HIPAA, CCPA, and more.


Build a scalable and holistic data security and compliance strategy

  • Define exactly which data you want to scan using filters, across logs, APM spans, RUM events, and other telemetry data
  • Proactively scan your data in real-time and at scale to support a holistic loss prevention strategy
  • Scan and redact sensitive data before it leaves your environment via the Datadog Agent or Observability Pipelines
Configure Sensitive Data Scanner to build a scalable and holistic compliance strategy

Get a comprehensive understanding of sensitive data across cloud environments

  • Discover where sensitive data lives across cloud environments, such as AWS S3 and RDS instances
  • Quickly and easily prioritize sensitive data matches in the cloud and kickstart remediation efforts as needed
  • Correlate sensitive data issues with Cloud Security Management for contextualized vulnerability assessment
Get a comprehensive understanding of sensitive data across cloud environments

Classify sensitive data based on its content, source, or designated risk level

  • Standardize data classification across dev, ops, and security teams and across different cloud platforms and hybrid environments
  • Accelerate classification through out-of-the-box rules that capture common patterns, such as credit card numbers, API keys, tokens, AWS secret keys, and others
  • Inform data governance policies with searchable tags on risk level, data source and priority

Redact sensitive data and monitor user activity to support data security initiatives

  • Scrub sensitive data with predefined scanners from Datadog’s Data Scanner Library or custom scanners
  • Use audit events to keep a full record of user activity on the Datadog platform with Datadog Audit Trail
  • Manage who can access sensitive data by combining sensitive data scanning with Datadog’s fully integrated role-based access control (RBAC) permissions and restriction queries

Quickly detect sensitive data issues with dashboards and alerts

  • Save time by scanning and tagging new hosts, containers, and applications as soon as they are spun up
  • Tag sensitive data to allow teams to create real-time alerts and build dashboards
  • Reduce false positives with the help of industry-standard detection techniques, such as the Luhn algorithm to scan and redact credit card information
Automatically discover sensitive data across your cloud environment

Customer Testimonials

Datadog Sensitive Data Scanner provides complete visibility into the flow of PII data. As we migrate to the cloud, it has become a critical part of our data loss prevention strategy.

Kevin McGill

Kevin McGill

VP Cloud Services, Citizens Bank

Datadog Sensitive Data Scanner (SDS) empowers our small team to quickly find and redact sensitive data in our RUM sessions and logs. What used to be a time-consuming process is now streamlined, as SDS quickly detects exposed secrets, credentials, and PII across our microservices and mobile applications, preventing sensitive data from leaking into Datadog.

Sola Ajayi

Sola Ajayi

Lead Engineer, Infrastructure, DevOps & Security Team

Sensitive Data Scanner is core to our data loss prevention (DLP) strategy. It gives us the confidence that our logs and events are continuously monitored for inadvertent exposure of sensitive information, so that we can identify and respond swiftly to anomalies or potential risks.

Kelly Bettendorf

Kelly Bettendorf

Staff Security Engineer, Stavvy

Resources

gated-asset/lwlformheaderv1

guide

Log Management & Analytics Product Brief
products/logging-without-limits-poster

official docs

Logging Without Limits™ Guide
log-management/product_heros_Logs

product

Datadog Modern Log Management & Analytics
/blog/sensitive-data-scanner/sensitive-data-scanner-hero-rev

BLOG

Build a modern data compliance strategy with Datadog's Sensitive Data Scanner
Get started with Sensitive Data Scanner today with a 14-day free-trial