Signal Sciences + Datadog: improving web application security

Signal Sciences + Datadog: improving web application security

/ / /
Published: July 27, 2016

This is a guest post by Tyler Shields, Vice President Marketing, Partnerships, and Strategy at Signal Sciences.

Web application security has been a stagnant technology field for well over a decade. There just wasn’t enough change in application development processes to dictate an overhaul in how organizations execute their web application security initiatives. In recent years new development models such as agile and Devops, infrastructure changes including cloud and microservices, and a completely revamped build and deploy methodology where production pushes occur daily or weekly instead of semi-annually, have drastically changed traditional development programs. Web application security is past due for innovation and reinvention, and the Signal Sciences integration with Datadog helps bring an intelligent alerting engine for web application security into common practice.

Visibility, blocking, and remediation

Signal Sciences Next Generation Firewall (NGWAF) is a web protection platform that incorporates all of the core tenets of modern web application security: visibility into real time attack data, advanced attack detection and blocking techniques, and the ability to alert and react quickly to attempted and successful attacks. Visibility into attack signals and anomaly data are required for the enterprise to have any chance at executing a successful web application security program. The integration between Datadog and Signal Sciences provides an excellent platform to:

  • Understand the data collected by your security environment, in detail.
  • Create an alerting mechanism to take action on detected attacks and threat scenarios.
  • Correlate threat activities with their effects throughout your stack.
Signal Sciences web application security dashboard

Improve your security-data analytics and alerting

Web application security requires the correlation of multiple data sources including development, operations, and security integration points. Using Datadog and Signal Sciences together allows an unparalleled level of security insight to be augmented by an industry-leading rapid response, tooling, and alerting, system. A security operations center (SOC) analyst spends the majority of their day correlating data between disparate sources from development, operations, and security. Datadog can be used to present development-centered alerts, attack-based alerts, incident alerts, and outage alerts. These and many other data points help provide the context to make intelligent security decisions. The ability to have multiple data sources available in a single data analysis and alerting engine such as Datadog increases the rate at which a SOC analyst makes accurate assessments of events and determines remediation steps lowering the mean time to remediation (MTTR) and mean time to detection (MTTD) for security incidents.

Signal Sciences web application security weekly review

Effective security relies on data measurement

If you can measure it, you can be confident that you are improving. Datadog and Signal Sciences surface and alert on the most important metrics and data points, allowing joint customers to improve the speed and accuracy of their security decision-making process while having measurable data to demonstrate improvements in web application security.

Joint Datadog and Signal Sciences customers are on the forefront of the modern pragmatic approach to information security. Data-driven security integrations are helping Signal Sciences customers such as AirBnB, Under Armour, Vimeo, Etsy, Taser, and others to increase their security levels while informing and improving their overall security processes. If you are not yet a Signal Sciences customer but are interested in becoming one, please visit Signal Sciences web site and click the “Request a Demo” button. If you are not yet a Datadog customer, you can get a account now.