|
By Mallory Mooney
Cloud environments create a flood of security signals, often reaching tens of thousands per day depending on the organization’s size. Security engineers and analysts spend a disproportionate share of their time triaging these signals instead of acting on legitimate threats. But the time-intensive parts of that work, such as identifying related signals and building a timeline, can be handled systematically, leaving teams free to focus on what actually requires human judgment.
|
By Mohammad Jama
As AI adoption accelerates on Google Cloud, the challenge for most teams today is no longer just building AI-powered applications. It’s also managing the full AI stack from end to end, including data pipelines, infrastructure, release process, and security operations. Many teams are monitoring these layers with different tools, creating complexity, fragmenting visibility, and slowing decisions on what to do next.
|
By Michelle Sun
In March 2026, a GitHub account called hackerbot-claw, describing itself as an “autonomous security research agent powered by claude-opus-4-5,” began systematically targeting open source repositories—including one from Datadog. Over a week, it opened many pull requests designed to exploit misconfigurations in GitHub Actions workflows.
|
By Florentin Labelle
Python AWS Lambda functions are ephemeral and highly distributed, which creates security visibility gaps that traditional perimeter defenses and proxy-based controls struggle to fill. Techniques such as credential stuffing, SQL injection, and server-side request forgery (SSRF) can look like legitimate application traffic, making them difficult to identify without visibility inside the application itself.
|
By Julien Delange
Static application security testing (SAST) tools help developers quickly catch potential vulnerabilities as they code. However, these tools rely on inflexible rules that often generate a high number of false positives, reducing trust in their accuracy and slowing adoption. To help developers access context-aware vulnerability detection, we’ve released an open source AI-native SAST solution. This tool scans code changes incrementally and surfaces security issues in real time.
|
By Juvenal Araujo
Source code management (SCM) and CI/CD pipelines have become the industry standard for automating software delivery. But from the time a code change enters your SCM until it’s deployed, it’s susceptible to changes and reconfigurations that can go so far as to modify the pipeline itself. If you’re not proactively securing your CI/CD system, attackers can use it to grant themselves permissions, access secrets, and ship malicious code.
|
By Juvenal Araujo
In Part 1 of this series, we discussed the CI/CD security boundary, mapped out potential attack vectors with a CI/CD threat matrix, and introduced a simple threat model focused on ideating detection workflows. In this post, we’ll apply these principles to a real-world source code management (SCM) tool example that every developer is familiar with: GitHub. In addition to threat modeling, we’ll also be taking a closer look at historical attacks on GitHub and GitHub Actions ecosystems.
|
By Valery Neira
AI-assisted development helps teams write code faster, but that speed comes with added security risk. As agents generate more code, they can introduce vulnerabilities, insecure dependencies, or exposed secrets, often before a human reviewer ever sees the change. Security teams are left reviewing more code with the same resources, which makes it harder to catch issues early.
|
By Vera Chan
Security teams face a threat landscape shaped by AI-driven attacks and identity misuse. Adversaries increasingly rely on compromised identities to blend in as legitimate users, making attacks harder to detect and slower to contain. On average, organizations take 241 days to identify and contain a breach.1 While threats have evolved, legacy SIEMs have not kept pace.
|
By Datadog
Proactively addressing risks in technical environments is a constant challenge. Many teams wait until it’s too late and key application functionality is disrupted or sensitive data is exposed. However, understanding risk severity in context can be difficult, especially in distributed systems where related issues and impacts may not be immediately obvious.
|
By Datadog
April’s This Month in Datadog spotlights the Datadog MCP Server, which gives AI agents secure, real-time access to Datadog telemetry, and Datadog Experiments, which lets you design, launch, and analyze experiments to see the full impact of product changes on the user journey. Plus, we cover how to: Accelerate Cloud SIEM investigations with Bits AI Security Analyst Remediate vulnerabilities in your codebase with Bits AI Dev Agent for Code Security Explore Datadog with natural language using Bits Assistant.
|
By Datadog
Datadog has always been driven by a broader vision of helping teams understand and operate complex systems. In this session, you’ll hear from Yanbing Li, Chief Product Officer, and Shri Subramanian, Group Product Manager, as they share the latest updates across the Datadog product suite and discuss how that vision continues to shape the platform’s evolution and support the next generation of AI-driven applications.
|
By Datadog
Datadog has always been driven by a broader vision of helping teams understand and operate complex systems. In this session, you’ll hear from Yrieix Garnier, VP of Product, and Hugo Kaczmarek, Senior Director of Product, as they share the latest updates across the Datadog product suite and discuss how that vision continues to shape the platform’s evolution and support the next generation of AI-driven applications.
|
By Datadog
As AI coding assistants accelerate software development, the volume of pull requests at Datadog has grown to nearly 10,000 per week, increasing the risk that malicious changes slip through due to review fatigue. To address this, Datadog built BewAIre, an LLM-powered code review system designed to identify malicious source code changes introduced by threat actors. By reducing approval fatigue for developers while increasing friction for attackers, BewAIre guides human reviewers to the areas where judgment matters most, without slowing developer velocity.
|
By Datadog
Auth0, part of Okta, is one of the most trusted identity platforms in the world—helping enterprises secure authentication and customer logins at massive scale. Their business depends on resiliency and reliability, and they maintain an extremely high SLA of 99.99% uptime. Because even seconds of downtime can impact customer logins, Auth0 set out to strengthen observability with Datadog across their entire environment and accelerate the way their teams detect, troubleshoot, and resolve issues.
|
By Datadog
Datadog's Bits AI Security Analyst transforms the way security teams handle investigations by autonomously triaging Datadog Cloud SIEM signals. Built natively in Datadog, it conducts in-depth investigations of potential threats and delivers clear, actionable recommendations. With context-rich guidance for mitigation, security teams can stay ahead of evolving threats with greater efficiency and precision.
|
By Datadog
In their talk, Katie Nickels (Sr. Director of Intelligence Operations) and Jesse Griggs (Sr. Threat Researcher) from Red Canary show you how to adapt an endpoint detection mindset to the cloud, specifically focusing on pre-impact TTPs and building robust cloud detections.
|
By Datadog
Datadog Detect is a virtual mini-conference dedicated to helping security teams modernize detection and response by applying engineering best practices. Hear talks from industry experts, including security researchers and engineers at Datadog, Red Canary, and Corelight to learn about building scalable, effective security operations.
|
By Datadog
In this talk, Megan Roddie-Fonseca, Sr. Security Engineer at Datadog, addresses the challenge of finding "just right" detections, leveraging data classification techniques like recall and precision to balance false positives and missed attacks. Presented on October 30, 2025 for Datadog Detect.
|
By Datadog
In this talk, David Burkett, Cloud Security Researcher at Corelight, highlights how timeless evasion tactics create critical blind spots in cloud workloads, and illustrates the role of Network Detection and Response (NDR) as a resilient countermeasure. Presented on October 30, 2025 for Datadog Detect.
|
By Datadog
As Docker adoption continues to rise, many organizations have turned to orchestration platforms like ECS and Kubernetes to manage large numbers of ephemeral containers. Thousands of companies use Datadog to monitor millions of containers, which enables us to identify trends in real-world orchestration usage. We're excited to share 8 key findings of our research.
|
By Datadog
The elasticity and nearly infinite scalability of the cloud have transformed IT infrastructure. Modern infrastructure is now made up of constantly changing, often short-lived VMs or containers. This has elevated the need for new methods and new tools for monitoring. In this eBook, we outline an effective framework for monitoring modern infrastructure and applications, however large or dynamic they may be.
|
By Datadog
Where does Docker adoption currently stand and how has it changed? With thousands of companies using Datadog to track their infrastructure, we can see software trends emerging in real time. We're excited to share what we can see about true Docker adoption.
|
By Datadog
Build an effective framework for monitoring AWS infrastructure and applications, however large or dynamic they may be. The elasticity and nearly infinite scalability of the AWS cloud have transformed IT infrastructure. Modern infrastructure is now made up of constantly changing, often short-lived components. This has elevated the need for new methods and new tools for monitoring.
|
By Datadog
Like a car, Elasticsearch was designed to allow you to get up and running quickly, without having to understand all of its inner workings. However, it's only a matter of time before you run into engine trouble here or there. This guide explains how to address five common Elasticsearch challenges.
|
By Datadog
Monitoring Kubernetes requires you to rethink your monitoring strategies, especially if you are used to monitoring traditional hosts such as VMs or physical machines. This guide prepares you to effectively approach Kubernetes monitoring in light of its significant operational differences.
- April 2026 (10)
- March 2026 (6)
- February 2026 (5)
- January 2026 (3)
- December 2025 (7)
- November 2025 (6)
- October 2025 (10)
- September 2025 (3)
- August 2025 (5)
- July 2025 (6)
- June 2025 (5)
- May 2025 (3)
- April 2025 (11)
- March 2025 (19)
- February 2025 (5)
- January 2025 (3)
- December 2024 (5)
- November 2024 (7)
- October 2024 (9)
- September 2024 (6)
- August 2024 (7)
- July 2024 (5)
- June 2024 (8)
- May 2024 (6)
- April 2024 (10)
- March 2024 (8)
- February 2024 (4)
- January 2024 (5)
- December 2023 (9)
- November 2023 (12)
- October 2023 (10)
- September 2023 (6)
- August 2023 (11)
- July 2023 (7)
- June 2023 (8)
- May 2023 (6)
- April 2023 (9)
- March 2023 (1)
- February 2023 (4)
- January 2023 (4)
- December 2022 (5)
- November 2022 (9)
- October 2022 (2)
- September 2022 (2)
- July 2022 (2)
- June 2022 (2)
- May 2022 (4)
- April 2022 (4)
- March 2022 (3)
- February 2022 (4)
- January 2022 (3)
- December 2021 (2)
- November 2021 (4)
- October 2021 (1)
- August 2021 (3)
- July 2021 (6)
- June 2021 (1)
- May 2021 (2)
- April 2021 (7)
- March 2021 (1)
- January 2021 (2)
- December 2020 (7)
- November 2020 (1)
- October 2020 (1)
- September 2020 (2)
- August 2020 (1)
- July 2020 (1)
- June 2020 (1)
- May 2020 (2)
- April 2020 (1)
- November 2019 (1)
- September 2019 (1)
- October 2018 (4)
- September 2018 (1)
- August 2018 (1)
Datadog is the essential monitoring platform for cloud applications. We bring together data from servers, containers, databases, and third-party services to make your stack entirely observable. These capabilities help DevOps teams avoid downtime, resolve performance issues, and ensure customers are getting the best user experience.
See it all in one place:
- See across systems, apps, and services: With turn-key integrations, Datadog seamlessly aggregates metrics and events across the full devops stack.
- Get full visibility into modern applications: Monitor, troubleshoot, and optimize application performance.
- Analyze and explore log data in context: Quickly search, filter, and analyze your logs for troubleshooting and open-ended exploration of your data.
- Build real-time interactive dashboards: More than summary dashboards, Datadog offers all high-resolution metrics and events for manipulation and graphing.
- Get alerted on critical issues: Datadog notifies you of performance problems, whether they affect a single host or a massive cluster.
Modern monitoring & analytics. See inside any stack, any app, at any scale, anywhere.
- AIOps
- Alerts
- Application Security
- Cloud Monitoring
- Container Monitoring
- Dashboards
- Database Monitoring
- Distributed Tracing
- Incident Response
- Infrastructure Monitoring
- Log Analytics
- Performance Monitoring
- Profiling
- SIEM
- Server Monitoring
- Serverless Monitoring
- Synthetic Monitoring
- Threat Detection
- Website Monitoring
- Alternatives to Datadog