Cloud SIEM


Overview

Datadog Cloud SIEM (Security Information and Event Management) unifies developer, operations, and security teams on one platform. Use a single dashboard to display DevOps content, business metrics, and security insights. Cloud SIEM detects threats to your applications and infrastructure in real time, such as targeted attacks, communications from threat intel-listed IP addresses, and insecure configurations. Notify your team of these security issues by email, Slack, Jira, PagerDuty, or webhooks.

The Cloud SIEM home page showing the Security Overview section with widgets for important signals, suspicious actors, impacted resources, threat intel, and signal trends

Threats are surfaced in Datadog as Security Signals and can be correlated and triaged in the Security Signals Explorer. Security Signals are generated by Datadog Cloud SIEM with Detection Rules. Detection Rules detect threats across different sources and are available out of the box for immediate use. You can clone any of the provided detection rules to change the configuration. You can also add a new rule from scratch to fit your specific use case.
