Datadog Unifies Observability and Security into a Single Platform to Meet the Needs of Modern DevSecOps Teams
Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, today announced the launch of the Datadog Cloud Security Platform, adding full-stack security context to Datadog’s deep observability capabilities. This new offering enables organizations to use a single platform to correlate security insights with monitoring data across infrastructure, network and application tiers, providing Security teams with the visibility they need to understand and respond to potential threats faster.
In recent years, security attacks have increasingly focused on the application level, prompting DevOps and Security teams to work more closely together to “shift left” and infuse security into the full software development life cycle. Traditionally, this has been difficult because of siloed tools and processes, which has been further exacerbated as organizations move to the cloud and security teams are left with even less visibility.
Datadog’s Cloud Security Platform addresses these challenges by enabling DevOps and Security teams to access a shared source of truth supported by a common data model. With Datadog, in parallel to detecting potential threats, Security leaders now have access to the underlying infrastructure, network and application data at the time of an attack, meaning they have deeper insights that enable more accurate threat detection and accelerated incident response. And, unlike point solutions, Datadog’s platform approach ensures that this data is automatically correlated and presented in context, without requiring manual analysis.
“As organizations embark on their digital transformation journey, unifying once disparate security, compliance and engineering practices has become a key requirement to deliver best-in-class customer experiences,” said Amit Agarwal, Chief Product Officer, Datadog. “Built for cloud scale, the Datadog Cloud Security Platform supports organizations in adopting a modern DevSecOps practice that will enable a more holistic and, ultimately, a more robust approach to security, without increasing the operational burden of deploying and maintaining multiple, disconnected point solutions.”
“With Lemonade’s growth, cloud security has become a primary focus,” said Jonathan Jaffe, Chief Information Security Officer, Lemonade. “Within the first week of an easy integration, Datadog’s security offerings helped my team manage potential threats faster, with less effort, and with higher fidelity and accuracy. What’s more, collaboration with our DevOps colleagues became easier and has helped tie security to the business. We have many security tools and services; Datadog Cloud Security Platform has become one of our top-three tools. We see it supporting our current and future growth with security, and in lockstep with DevOps.”
Forrester’s State of Application Security report notes that “Applications remain a top cause of external breaches, and the prevalence of open source, API, and containers only adds complexity to the security team. Happily, organizations have started to recognize the importance of application security and are embedding security more tightly into the development phase.”1
The Datadog Cloud Security Platform includes:
- Cloud Security Posture Management (CSPM) makes it easy to track whether your production environment complies with industry standards, such as PCI DSS, SOC 2 and HIPAA, and catches misconfigurations that leave your organization vulnerable to potential attacks.
- Cloud Workload Security (CWS) detects threats to your production workloads by monitoring file and process activity across your environments to help catch host and infrastructure-based attacks.
- Security Monitoring identifies threats to your cloud environments by analyzing operational and security logs. As an easy-to-use cloud-native SIEM, Security Monitoring provides out-of-the-box security integrations and threat detection rules that are easy to extend and customize.
- Application Security, currently in beta, provides protection against application-level threats by identifying and blocking attacks that target code-level vulnerabilities, such as SQL injections and cross-site scripting (XSS) exploits.
- Unified Observability and Security Reporting allows seamless pivots between DevOps telemetry and security insights. This unified experience enables Security teams to understand the operational and business impact of security incidents, and DevOps teams to see security signals alongside the metrics, traces and logs of their services.