Cloud Security Management

Join an enablement webinar session

Learn how Datadog Cloud SIEM and Cloud Security Management elevate your organization's threat detection and investigation for dynamic, cloud-scale environments.

SIGN UP

Datadog Cloud Security Management (CSM) delivers real-time threat detection and continuous configuration audits across your entire cloud infrastructure, all in a unified view for seamless collaboration and faster remediation. Powered by observability data, security teams can determine the impact of a threat by tracing the full attack flow and identify the resource owner where a vulnerability was triggered.

CSM leverages the Datadog Agent and platform-wide cloud integrations and includes:

  • Threats: Monitors file, network, and process activity across your environment to detect real-time threats to your infrastructure.
  • Misconfigurations: Tracks the security hygiene and compliance posture of your production environment, automates audit evidence collection, and enables you to remediate misconfigurations that leave your organization vulnerable to attacks.
  • Identity Risks: Provides in-depth visibility into your organization’s AWS IAM risks and enables you to detect and resolve identity risks on an ongoing basis.
  • Vulnerabilities: Leverages infrastructure observability to detect, prioritize, and manage vulnerabilities in your organization’s containers and hosts.
Cloud Security Management in Datadog
Collecting events using Cloud Security Management will affect your billing. For more information, see Datadog Pricing.

Track your organization’s health

Available for CSM Misconfigurations, the security posture score helps you track your organization’s overall health. The score represents the percentage of your environment that satisfies all of your active out-of-the-box cloud and infrastructure compliance rules.

Improve your organization’s score by remediating misconfigurations, either by resolving the underlying issue or by muting the misconfiguration.

The posture score on the CSM overview page tracks your organization's overall health

Explore and remediate issues

Use the Explorers to review and remediate your organization’s security detections. View detailed information about a detection, including guidelines and remediation steps. Send real-time notifications when a threat is detected in your environment, and use tags to identify the owner of an impacted resource.

CSM Explorers page

Investigate resources

Resource Catalog is not supported for your selected Datadog site ().

Resource Catalog is in beta.

Use the Resource Catalog to view specific misconfigurations and threats that have been reported on the hosts and resources in your environments. See Resource Catalog for more information.

Resource Catalog map view displaying host and cloud resources grouped by category and misconfigurations.

Subscribe to weekly digest reports

Receive a weekly summary of Cloud Security Management activity over the past week, including important new security issues discovered in the last seven days. Subscriptions to the weekly digest report are managed on a per user basis. To subscribe to the weekly digest report, you must have the security_monitoring_signals_read permission.

Next steps

To get started with CSM, navigate to the Cloud Security Management Setup page in Datadog, which has detailed steps on how to set up and configure CSM. For more information, see Setting Up Cloud Security Management.

Further reading

PREVIEWING: antoine.dussault/service-representation-ga-docs-us1