Getting Started with Cloud Security

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Overview

Datadog Cloud Security delivers deep visibility, continuous configuration audits, identity risk assessments, vulnerability detection, and real-time threat detection across your entire cloud infrastructure—all in a unified platform for seamless collaboration and faster remediation.

With Cloud Security, Security and DevOps teams can act on the shared context of observability and security data to quickly prioritize and remediate issues. This guide walks you through best practices for getting your team up and running with Cloud Security.

Phase 1: Deployment

  1. Using Agentless and/or the Datadog Agent (version 7.46 or above), enable Cloud Security for your cloud resources and infrastructure:
    • Threats: Kubernetes, Docker, and host-based installations.
    • Misconfigurations: AWS, Azure, GCP, Kubernetes, and Docker instructions.
    • Identity Risks: Enable AWS resource collection and Cloudtrail logs forwarding.
    • Vulnerabilities: Container image scanning and host scanning instructions for AWS, Azure, Kubernetes, ECS EC2 instances, and host-based installations.
  2. Check out the Cloud Security homepage to get an overview of your organization’s risks and threats.
  3. Review 500+ out-of-the-box Threats and Misconfigurations detection rules.
  4. Explore security signals and review Cloud Security Misconfigurations findings.
  5. Review and remediate identity risks on the Identity Risks page.
  6. Review container vulnerabilities on the Container Images page, and a consolidated list of vulnerabilities on the Infrastructure Vulnerability page.
  7. Set up notification rules and receive alerts using Slack, Jira, email, and more.

Phase 2: Customization

  1. Set up Workload Protection suppression rules to reduce noise.
  2. Create custom detection rules for Cloud Security Misconfigurations and Workload Protection.

Phase 3: Reports and dashboards

  1. Assess your organization’s posture by reviewing compliance reports.
  2. Use out-of-the-box dashboards or create your own for faster investigations, reporting, and monitoring.
  3. Subscribe to the weekly security digest reports to begin investigation and remediation of the most important new security issues discovered in the last seven days.

Disable Cloud Security

For information on disabling Cloud Security, see the following:

Further reading

Documentation, liens et articles supplémentaires utiles:

Cloud SecurityDOCUMENTATION more more Cloud Resources Schema ReferenceDOCUMENTATION more more Automate end-to-end processes with Datadog WorkflowsBLOG more more How we detect and notify users about leaked Datadog credentialsBLOG more more Join an interactive session to elevate your security and threat detectionFOUNDATION ENABLEMENT more more Security research, reports, tips, and videos from DatadogSECURITY LABS more more
PREVIEWING: deforest/consolidated-security-nav-branch