Datadog Unveils Compliance Monitoring

Datadog

Monitoring and security platform for cloud applications, Datadog (NASDAQ: DDOG), has launched its Compliance Monitoring solutions. This new product can identify misconfigurations that cause compliance drift as soon as they occur. Once problems are identified, Datadog Compliance Monitoring immediately notifies engineers, enabling them to proactively remediate any issues.

The increasing adoption of cloud platforms has resulted in a proliferation of new security risks, stated Datadog. From compliance-sensitive workloads on public clouds that are deployed before security tooling can detect them, to developers and automated configuration tools accidentally misconfiguring a service that opens security vulnerabilities.

Renaud Boutet
“As cloud infrastructure continues to become more dynamic and scales to meet demand, tracking configuration for compliance will become more challenging,” said Renaud Boutet, Vice President of Product at Datadog.

Datadog Compliance Monitoring is now available in beta within the Datadog platform.

“As cloud infrastructure continues to become more dynamic and scales to meet demand, tracking configuration for compliance will become more challenging,” said Renaud Boutet, Vice President of Product at Datadog. “Datadog Compliance Monitoring provides full end-to-end visibility into cloud environments, allowing for continuous tracking of security configuration rules in a single, unified platform. When Datadog detects a compliance violation, DevSecOps teams will receive an alert that diagnoses the failure, lists the exposed assets and provides instructions on how to remediate it, quickly.”

Datadog Compliance Monitoring tracks the state of all cloud-native resources, such as security groups, storage buckets, load balancers, and Kubernetes. Key features would include:

  • Wide spectrum security observability – Compliance Monitoring would rapidly discover all assets and their configurations. It combines this asset information with the full telemetry of the Datadog platform. Observing misconfigurations in the context of other threats and application performance would allow developers and security engineers to go from identifying a poorly configured service to diagnosing an attack in seconds.
  • Continuous compliance posture – Datadog uses two methods to continuously assess the configuration of an environment. First, Datadog crawls cloud health services configuration, ingesting this data and analyzing it. Second, the Datadog agent collects local configuration information from servers and containers.
  • Compliance Status Snapshot – Expert-built dashboards offer comprehensive snapshots of the adherence to common compliance frameworks and standards such as PCI DSS and CIS Benchmarks.
  • Production-ready file integrity monitoring (FIM) – Datadog’s single universal agent collects data from containers, Kubernetes clusters, and hosts. Organizations can monitor runtime security this way as they move their workloads to the cloud.
  • Custom governance policies – Datadog would provide a “simple” WYSIWYG interface for users to build their own custom security and governance policies and reporting dashboards.