Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Securing secrets is a difficult task. Developers frequently hardcode credentials for quick testing or use AI-generated code snippets that include live API keys or tokens. This means that enterprise secrets can inadvertently make their way into repositories and pipelines, exposing organizations to security and compliance risks without anyone noticing. When a secret is committed to a repository, it spreads quickly across branches, becomes difficult to track, and leads to leaks that are hard to clean up.

Security and observability teams generate terabytes of log data every day—from firewalls, identity systems, and cloud infrastructure, in addition to application and access logs. To control SIEM costs and meet long-term retention requirements, many organizations archive a significant portion of this data in cost-optimized object storage such as Amazon S3, Google Cloud Storage, and Azure Blob Storage.

Modern applications are constantly exposed to various malicious activities, including credential stuffing, API abuse, and advanced injection attacks. Many of these threats can be stopped at the network edge, before they ever reach your application. That’s why Datadog App and API Protection offers real-time threat detection and blocking for popular edge proxies and load balancers, which include integrations for Envoy, Istio, NGINX, and Google Cloud Load Balancers (using Google Service Extensions).

Rising log volumes are making it harder than ever for security and SRE teams to balance visibility with cost. Every network, CDN, and security layer generates continuous streams of telemetry, but deciding what to parse, retain, or drop often requires manual configuration, specialized knowledge, and extensive tuning.

We have just released the 2025 State of Cloud Security study, where we analyzed the security posture of thousands of organizations using AWS, Azure, and Google Cloud. In particular, we found that: In this post, we provide key recommendations based on these findings, and we explain how you can use Datadog Cloud Security to improve your security posture.

The Model Context Protocol (MCP) is a popular framework for connecting AI agents to data sources, such as APIs and databases. Because this technology is still new and evolving, its security standards are also in the early stages. This means that MCP servers are susceptible to misuse, so teams building and running them internally need visibility into server interactions to keep their environments safe from attacks.

Organizations running containerized environments face complex security challenges as they scale Kubernetes and adopt dynamic, ephemeral infrastructure. Traditional security tools often miss activity inside containers, making it difficult to detect policy violations or threats at runtime. Falco is a runtime security monitoring tool for containerized infrastructure.