Datadog Security Monitoring: Detect threats in real time, investigate security alerts

Datadog, the monitoring and analytics platform for developers, IT operations teams, and business users in the cloud age, announced Security Monitoring, a new product that breaks down silos between security, developers, and operations teams.

With this new product, Datadog extends its monitoring and analytics platform to security engineers in addition to developers and IT operations teams.

Highly scalable and dynamic modern cloud applications are also highly complex to secure and require close coordination between security engineers who monitor threat signals and developers and operations teams who make frequent changes to the applications.

Additionally, the rise in sophistication and speed of attacks also means that these teams need means for newer, faster ways of detection and thwarting of threats.

Datadog Security Monitoring combines and analyzes traditional security signals with performance and environment data from applications to provide unique real-time insights. This allows the security, dev and ops teams to rapidly identify security issues, pinpoint the affected system and perform remediation quickly.

The key features of this new offering include:

• Unified observability and security: By combining data from traditional security logs with over 400 integrations that bring in performance metrics, traces, environment information and more, Security Monitoring detects threats quickly and provides detailed context to pinpoint affected systems
• Real-time, out-of-the-box threat detection: With turn-key threat Detection Rules to flag attacker techniques and misconfigurations, teams can immediately improve their security posture
• Cost-effective data ingestion and analysis: Security Monitoring detects threats in real time across the full stream of ingested data at a fraction of the cost of traditional solutions
• Simple, customizable rule-editing: Anyone can customize out-of-the-box Detection Rules or write their own without needing to learn a proprietary query language
• Powerful, context-rich security signals: Datadog retains security signals for 15 months, so teams can easily correlate them and identify trends over time, quickly filter signals by attributes like the MITRE ATT&CK technique or any associated entities, and seamlessly pivot to other areas of Datadog for further investigation

“Given their complexity and velocity, security teams are looking to partner with developers and operations teams to secure dynamic cloud environments,” said Marc Tremsal, Director of Product Management at Datadog.

“We’ve built Datadog Security Monitoring to enable all engineers to cost-effectively analyze detailed observability data for potential threats, and easily collaborate during investigations.”

“At Instacart, we care about unauthorized access, and with Datadog’s security monitoring we’ve been able to track down malicious third parties and protect our users more quickly,” said Blaine Schanfeldt, Site Reliability Engineer at Instacart.

“We’ve been able to move quickly to identify the root cause of security issues such as failed logins. We’ve been able to track that from throughout our infrastructure, from the external load balancers through to the application.”

“Companies undergoing the transformation of their security practices to adapt to more DevOps-friendly workflows are likely to look favorably on approaches that balance injecting security without disrupting those workflows,” said Fernando Montenegro, Principal Analyst for Information Security, 451 Research, part of S&P Global Market Intelligence.