Application Vulnerability Management

Datadog Application Vulnerability Management continuously monitors your production environment for both code-level and open source vulnerabilities. You can quickly identify and prioritize the remediation of the highest impact vulnerabilities before they become costly breaches.

Continuously monitor for code-level vulnerabilities in production

Continuously identify vulnerabilities in application code serving production-level traffic, without the overhead of code scans or time-consuming testing processes
Identify the specific input or request that triggered the vulnerability in order to accelerate triage
Immediately see the exact vulnerable file, version, and line of code to reduce mean time to remediation

Focus on the open source vulnerabilities that present active risk

Surface vulnerable open source libraries loaded in production as you monitor the overall health of your services
Prioritize vulnerabilities with the Datadog Severity Score, which factors in vulnerability exposure, CVSS, and real-time threat activity
Avoid discrepancies between pre-production and production code due to errors in the CI/CD pipeline by ensuring remediated vulnerabilities make it to production

Fast track remediation

Achieve real-time visibility into your overall attack surface with no additional agents or performance impact
Search, filter, and query across all detected vulnerabilities with Datadog unified tagging for faster investigation
Pivot between vulnerable services and affected cloud workloads and infrastructure hosts to assess business impact

It's extremely powerful to have very clear insights from Datadog —such as immediately having insight into which services are vulnerable, the time since detection, and how to fix them. It makes it much easier to investigate and remediate issues across all vulnerable services.

Henri Cour

SRE, Continental Digital Services France.

Datadog, in addition to helping us with observability, now also supports us in security. Because it is a unified platform, we don't need to install and maintain other tools to protect our environment. Using Datadog's code-level vulnerability detection feature and remediation recommendations, our developers can quickly fix vulnerabilities.