Cloud-Native Security Monitoring | Datadog
Cloud-native Security Monitoring

Real-time threat detection across your applications, network, and infrastructure.

Our developers and operations already rely on Datadog for observability, so we've been looking to leverage this comprehensive data for security. With Datadog's Security Monitoring product, our AppSec team can analyze authentication events across all our applications with a single set of rules.

Martin Strýček

Head of Infrastructure, Kiwi.com

Datadog Security Monitoring provides end-to-end security visibility for dynamic cloud environments. Easily track your compliance posture and correlate all runtime events, application and service logs, and more. Developers, security, and operations teams can leverage detailed observability data to accelerate security investigations in a single, unified platform.


Security for dynamic environments

  • Break down silos between developers, security, and operations teams
  • Detect threats in real time across dynamic cloud environments
  • Leverage detailed observability data to accelerate security investigations

400+ vendor-supported integrations

  • Achieve full security visibility across your applications, network, and infrastructure
  • Start ingesting security data in minutes with hundreds of built-in integrations like AWS CloudTrail, Okta, and G Suite
  • Investigate security threats in a single pane of glass with detailed observability data: metrics, traces, logs, and more

Real-time threat detection

  • Detect potential threats across the full stream of ingested observability data
  • Analyze all your data, without the cost of indexing and retaining everything
  • Alert on malicious or anomalous patterns as data is received in real time

Out-of-the-box detection rules

  • Improve your security posture with default detection rules that flag attacker techniques and misconfigurations
  • Enable default detection rules, mapped to the MITRE ATT&CK® framework and compliance frameworks
  • Write your own custom rules without learning a proprietary query language

Analytics & collaboration

  • Correlate security signals and collaborate on investigations
  • Quickly filter security signals using attributes like severity level, the MITRE ATT&CK® technique, or any associated entity, such as an attacker’s IP
  • Integrate with Slack, PagerDuty, or any collaboration tool to quickly loop in relevant teams for faster investigations
  • Retain all security signals for 15 months to correlate them and identify trends over time
