
Scared or Ready: A Pragmatic Way to Approach Security Threats

Security incidents are often making headlines, from ransomware to colossal data leaks. On top of that, making informed security decisions is a challenge in itself, requiring knowledge across product requirements, complex distributed systems, code, architecture, and security. All of which creates a sense of fear, uncertainty, and doubt for those of us who build software. How can we better prepare to respond to potential threats and gain confidence in our security incident response readiness?

Identify gaps to strengthen detection coverage with the Datadog Cloud SIEM MITRE ATT&CK Map

Security analysts need clear visibility into potential threats to proactively defend against cyberattacks. Defining these threats can be challenging, but many security teams rely on the MITRE ATT&CK framework as a foundational resource for strengthening their defenses. While security platforms tag detections with MITRE ATT&CK tactics and techniques, analysts often struggle to assess their overall coverage across different attack surfaces.

Understanding your WAF: How to address common gaps in web application security

Web application firewalls (WAFs) are one of the most commonly used tools that organizations deploy to protect their applications at runtime. By monitoring HTTP traffic and filtering out suspicious requests, WAFs act as a protective layer around an application that protects it from certain types of incoming threats. However, WAFs often fall short of expectations.

Detect cross-account access risks in AWS with Datadog

Managing access across multiple AWS accounts is a popular approach to isolating workloads and data. While it provides several benefits to organizing the various operational requirements for the environment, it introduces additional complexity for managing IAM policies and workload permissions. A primary concern is assigning too many permissions to any one source, which increases the risk of an attacker moving within the environment undetected.

Securing Datadog's cloud infrastructure: Our playbook and methodology

At Datadog, we build and operate a complex, self-managed infrastructure that spans multiple cloud providers and serves many customers in regulated environments. We need to secure this large, distributed infrastructure while maintaining strict uptime requirements and scaling our finite people resources. In this post, I’ll detail the playbook that we use on Datadog’s Cloud Security team for securing our infrastructure, including.

Detect and respond to evolving attacks with Attacker Clustering

In today’s threat landscape, detecting and responding to distributed attacks is more challenging than ever. Attackers often operate in stealth, using coordinated strategies to blend into normal traffic and evade detection. To address this issue, Datadog Application Security Management (ASM) has a new clustering feature designed to identify and group attacker behaviors during distributed attacks.

Optimize EDR logs and route them to SentinelOne with Observability Pipelines

Endpoint detection and response (EDR) systems such as SentinelOne Singularity Endpoint, CrowdStrike, and Microsoft Defender monitor IT infrastructure such as computers, mobile devices, and network devices to detect, alert on, and respond to cyber threats. These EDR systems record data about the endpoints to identify abnormal behavior, block malicious activity, and provide remediation suggestions with contextual information.

Monitor your Atlassian audit records and event logs with Datadog Cloud SIEM

Collaboration platforms like Atlassian Jira and Atlassian Confluence contain sensitive company and employee data, making them critical targets for cyberattacks. Teams use Jira to track and manage projects, and rely on Confluence as an internal knowledge base for documentation, company policy guides, team wikis, and more. Atlassian organizations, which provide a centralized place for admins to manage their Atlassian products and users, are also prime targets.

Simplify your SIEM migration to Microsoft Sentinel with Datadog Observability Pipelines

As cyberattacks rise in number and sophistication, many CISOs are pushing their organizations to adopt modern SIEM solutions to better monitor and investigate threats to their applications and infrastructure. Enterprises with a large Microsoft Azure or Windows-based footprint in particular are increasingly eyeing Microsoft Sentinel to consolidate their security stack and workflows.

How insurance companies discover, classify, and act on sensitive data risks with Datadog

Every day, insurance companies manage vast amounts of sensitive data, including medical records, financial information, and personal identifiers—all of which are processed and stored across various services, applications, and cloud resources. The types of sensitive data that these companies collect have become more complex and nuanced, with varying requirements for protection.