Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Datadog

Detect SSRF attacks in cloud applications and APIs

APIs can be vulnerable to a wide variety of attacks, such as poor inventory management and access controls, making them a primary target for attackers. Server-side request forgery (SSRF) is one type of attack that has become more prominent with the rising use of public clouds. This is primarily due to new development practices like using Instance Metadata Services (IMDS) to access valuable information about deployed instances, such as credentials.

Fix key cloud security risks with version 2 of the Essential Cloud Security Controls Ruleset

Cloud security teams are faced with an ever-increasing number of challenges. Attackers are focusing on more cloud-native attacks than ever. Meanwhile, the number of cloud service offerings—and by extension, the number of misconfigurations in them—is only growing. And there is always the risk that a sophisticated adversary could abuse a vulnerability in a cloud service provider to target cloud customers.

Backtest detection rules with Datadog Cloud SIEM Historical Jobs

Every security engineer has experienced this issue: after spending a lot of time creating a new SIEM alert to catch malicious behavior, you deploy it, only to find there are over 100 service accounts triggering false positives. Your SIEM is suddenly flooded with false alerts, and your team is overwhelmed as a result. You then spend hours or even days investigating these alerts and fixing your detection rule, hoping it will work better next time.

Accelerate investigations with Datadog Cloud SIEM Risk-based Insights and AWS Entity Analytics

Cloud environments today continue to grow in size and complexity, which increases the demand for improved security coverage in order to protect an organization’s assets, data, and reputation. This growth has also created significant and complex challenges in identifying insider or external threats, compromised accounts, and anomalous behavior across environments.

Scale application security with Secure by Design principles

With the alarming number of data breaches and vulnerabilities today, security is now a primary concern for organizations and their customers, but knowing how to efficiently develop and scale secure applications is still a problem. Tackling this challenge requires considering the potential security risks of a new feature or service much earlier in the development cycle, an idea that is foundational to the Secure by Design approach.

Monitor DNS logs for network and security analysis

The Domain Name System (DNS) translates domain names (e.g., datadoghq.com) into IP addresses via a process called DNS resolution. This translation facilitates all kinds of network communication, from enabling web browsers to connect to a desired page without requiring users to remember IP addresses, to internal communication across private infrastructure, such as Kubernetes environments.

Key metrics for monitoring AWS WAF

AWS WAF is a managed web application firewall that monitors network traffic to your AWS applications and resources. As a perimeter-based firewall, AWS WAF is designed to secure the boundaries between your applications and the public internet. This means that it’s capable of protecting all of the various elements of your AWS architecture, including Amazon API Gateways, load balancers, and Amazon CloudFront distributions.