Feature Overview
Datadog Cloud Security uses an agentless technology within your cloud to scan your entire infrastructure in minutes for vulnerabilities, misconfigurations, identity risks, and compliance violations. In addition, Datadog’s lightweight, open-source agent gives Security and DevOps teams more granular and timely visibility into active risks that can be fixed in a few clicks. Tightly integrated in a unified platform with live observability data and attack activity, Cloud Security allows you to detect, prioritize, and fix security issues faster and more effectively to continuously improve your security posture.
Secure your entire cloud in minutes with safe agentless security
Available with Agentless setup
- Quickly detect vulnerabilities, misconfigurations, identity risks, and compliance gaps without deploying an agent
- Continuously discover risks across your cloud accounts without sending snapshots outside your environment
- Prioritize risk more effectively with automatic correlations between security findings and severity-based scoring in Security Inbox
Fix the most critical vulnerabilities across your cloud infrastructure
Available with Agentless and Agent-based setup
- Detect, prioritize, and manage vulnerabilities in your organization’s containers and hosts
- Prioritize cloud vulnerabilities based on potential business impact, real-time observability context, and Datadog’s curated security research
- Streamline collaboration between security and DevOps teams by providing shared visibility across infrastructure monitoring and security views
Track and improve your cloud infrastructure and Kubernetes security posture
Available with Agentless and Agent-based setup
- Strengthen the security posture of your cloud accounts, hosts, containers, and Kubernetes deployments with continuous configuration checks
- Fix misconfigurations faster by leveraging resource ownership to automatically route alerts and remediation steps to the right team
- Address specific security requirements by tailoring detection rules, either by duplicating an existing control or designing one from scratch
Uncover and remediate excessive permissions to reduce identity risk
Available with Agentless and Agent-based setup
- Secure your cloud infrastructure from IAM-based attacks by mitigating excessive permissions gaps, controlling administrative privileges, and reducing the potential blast radius of security incidents
- Access full summaries of detected identity risks, including how resources can be accessed, related permissions, and remediation steps for efficient mitigation
- Proactively defend against evolving identity risks with curated rules and best practices, continually updated by Datadog’s security research
Confidently adhere to industry and custom compliance benchmarks
Available with Agentless and Agent-based setup
- Track conformance to requirements of industry benchmarks and other controls, such as CIS, PCI DSS, SOC 2, and more or create custom frameworks
- Continuously benchmark your Kubernetes deployments against industry-standard frameworks to strengthen your security posture
- Evaluate your organization’s compliance and security progress across teams and accounts with the Datadog Posture Score
- Create, monitor, and report on custom compliance frameworks by leveraging Datadog’s 1,000+ detection rules or your own
Report: State of DevSecOps
Learn seven key insights about the 2024 DevSecOps landscape