Security teams can now use Sequence Detection in Datadog Cloud SIEM to identify linked behaviors across multiple stages of an attack—such as initial access, privilege escalation, and data exfiltration. This method lets you define ordered sequences of events and control the combinations of conditions, users, and timeframes that trigger a signal—helping surface coordinated activity that individual rules might miss.
To qualify for this Product Preview, you must currently use or plan to use Cloud SIEM (purchased standalone or as an add-on) and must currently be sending logs from supported log sources.