Compliance Monitoring proactively notifies DevSecOps teams of misconfigurations and compliance drift which can lead to security incidents
NEW YORK--(BUSINESS WIRE)--Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, today announced Compliance Monitoring. This new product can identify misconfigurations that cause compliance drift as soon as they occur. Once problems are identified, Datadog Compliance Monitoring immediately notifies engineers, enabling them to proactively remediate any issues.
The increasing adoption of cloud platforms has resulted in a proliferation of new security risks: from compliance-sensitive workloads on public clouds that are deployed before security tooling can detect them, to developers and automated configuration tools accidentally misconfiguring a service that opens security vulnerabilities. Furthermore, developers and site reliability engineers are now being asked to secure the services they own despite having little prior experience or training in security techniques.
“As cloud infrastructure continues to become more dynamic and scales to meet demand, tracking configuration for compliance will become more challenging,” said Renaud Boutet, Vice President of Product at Datadog. “Datadog Compliance Monitoring provides full end-to-end visibility into cloud environments, allowing for continuous tracking of security configuration rules in a single, unified platform. When Datadog detects a compliance violation, DevSecOps teams will receive an alert that diagnoses the failure, lists the exposed assets and provides instructions on how to remediate it, quickly.”
Compliance Monitoring tracks the state of all cloud-native resources, such as security groups, storage buckets, load balancers, and Kubernetes. Key features include:
- Wide spectrum security observability: Compliance Monitoring rapidly discovers all assets and their configurations, and combines this asset information with the full telemetry of the Datadog platform. Observing misconfigurations in the context of other threats and application performance allows developers and security engineers to go from identifying a poorly configured service to diagnosing an attack in seconds.
- Continuous compliance posture: Datadog uses two methods to continuously assess the configuration of an environment. First, Datadog crawls cloud health services configuration, ingesting this data and analyzing it. Second, the Datadog agent collects local configuration information from servers and containers.
- Compliance Status Snapshot: Expert-built dashboards offer comprehensive snapshots of the adherence to common compliance frameworks and standards such as PCI DSS and CIS Benchmarks.
- Production-ready file integrity monitoring (FIM): Datadog’s single universal agent collects data from containers, Kubernetes clusters, and hosts so organizations can monitor runtime security as they move their workloads to the cloud.
- Easy custom governance policies: Datadog provides a simple WYSIWYG interface for users to build their own custom security and governance policies and reporting dashboards.
Datadog Compliance Monitoring is now available in beta within the Datadog platform. For more information, please visit: https://www.datadoghq.com/blog/compliance-monitoring
Datadog is the monitoring and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers’ entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.
This press release may include certain "forward-looking statements" within the meaning of Section 27A of the Securities Act of 1933, as amended, or the Securities Act, and Section 21E of the Securities Exchange Act of 1934, as amended. These forward-looking statements reflect our current views about our plans, intentions, expectations, strategies and prospects, which are based on the information currently available to us and on assumptions we have made. Actual results may differ materially from those described in the forward-looking statements and are subject to a variety of assumptions, uncertainties, risks and factors that are beyond our control, including those risks detailed under the caption "Risk Factors" and elsewhere in our Securities and Exchange Commission filings and reports, including the Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission on August 10, 2020, as well as future filings and reports by us. Except as required by law, we undertake no duty or obligation to update any forward-looking statements contained in this release as a result of new information, future events, changes in expectations or otherwise.