Datadog enhances Security Inbox to help DevOps teams improve security posture

Datadog added identity, vulnerability and app-level findings to Security Inbox. This provides engineers with one actionable view to improve security posture, without any additional overhead or friction.

With these new features, Datadog shifts cloud security earlier in the software development lifecycle and empowers developers and security teams to address issues proactively.

Datadog’s Security Inbox delivers a unified view of the top issues DevOps and security teams need to address to significantly reduce risk across cloud accounts, Kubernetes clusters, containers and applications. With the new capabilities, Datadog helps proactively detect and address identity and access-related risks with the general availability of its Cloud Infrastructure and Entitlement Management (CIEM).

And Security Inbox’s new vulnerability management capability detects, prioritizes—based on heuristics like exposure risk, probability of being exploited and all observability context—and helps remediate infrastructure vulnerabilities in hosts, containers and applications.

“Security Inbox gives DevOps and security teams a prioritized list of actionable fixes they can deploy to maximize improvements to their security posture,” said Prashant Prahlad, VP of Cloud Security Products at Datadog. “With the added capabilities to Security Inbox, engineers can now proactively mitigate issues without requiring the security teams to inform them about the urgency or the impact of their security fixes. Meanwhile, security teams continue to save precious time lost to tedious contextualisation and triage work, and can choose to focus on overall security posture of their cloud estates.”

With the new capabilities announced, Security Inbox gives organizations:

• Full app-to-infrastructure visibility: Security Inbox unifies findings collected by Datadog Cloud Security Management and Application Security Management into a single view, simplifying the process of managing security issues.
• Context-based prioritization: The capability incorporates context from potential suspicious activity detected from cloud logs, application traces or file and process activity detected on the host, enabling teams to concentrate on issues with a high likelihood of impact.
• Correlation and attack path detection: Datadog uses agentless cloud integrations, one agent and tracing libraries to map the relationships between an organization’s entire stack, spanning from cloud resources and compute resources to applications. When a combination of risks suggesting a potential attack path in the environment is detected, a security issue is generated and displayed in Security Inbox.

These features are now generally available.