Datadog Unveils Modern Approach To Cloud SIEM To Deliver Risk-Based Insights, Cost Efficiency And Real-Time Detection
Australia, New Zealand & Las Vegas, USA – December 4, 2024 – Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, today announced its modern approach to Cloud SIEM, which doesn’t require dedicated staff or specialised teams to activate the solution. This approach makes it easy for teams to onboard, de-risk migrations and democratise security practices while disrupting traditional models, which can be costly and resource intensive.
Existing SIEM (security information and event management) solutions face several significant challenges that put security teams at risk. Traditional SIEMs often struggle to integrate data from diverse sources, leading to fragmented visibility and delayed detection and response. As organisations grow and data volumes increase, legacy systems and their required dedicated teams become overwhelmed, resulting in inefficiencies at cloud scale and rising operational costs. The high number of false-positive alerts from these traditional solutions can also lead to alert fatigue, causing critical threats to be overlooked.
Datadog’s Cloud SIEM leverages modern architectures and machine learning to address these challenges and emphasise agility, scalability, cost-efficiency and real-time threat detection. Organisations like Lenovo, FanDuel, Carvana, University of Alabama at Birmingham (UAB) and Vanilla Technologies rely on this modern approach to rapidly onboard new sources for threat detection, help them prioritise security investigations and resolve issues quickly.
As part of Datadog’s unified platform, features of Cloud SIEM include:
- Risk-Based Insights: Teams can correlate real-time signals and findings into entities in order to streamline the way security teams prioritise investigations. Risk scoring includes Cloud Security Management insights such as misconfigurations and identity risks, as well as expanded entity types like S3 buckets, EC2 instances, and SAML and web users, to help teams detect, prioritise and respond to threats.
- 15-Month Retention: Datadog offers 15-month retention and Flex Logs with Cloud SIEM to provide customers with a flexible economic model that delivers powerful threat detection capabilities without overspending. This flexible approach allows organisations to scale security operations as needed while optimising resources, enabling cost efficiency without sacrificing performance.
- Security Operational Metrics: Cloud SIEM provides deep insights into the performance of security teams, helping to assess how effectively they respond to and resolve threats in cloud environments. These metrics are readily available through pre-built dashboards and detailed reports, offering valuable data such as detection rule coverage, alert response times and investigation outcomes that help teams continuously optimise their threat response strategies.
- Content Packs and Out-of-the-box Integrations: With pre-built detection rules, dashboards and workflow automation tools tailored to integrations with leading technologies, organisations can leverage out-of-the-box content to accelerate threat detection and response. More than 30 integrations and Content Packs have been added in the past six months, including Abnormal Security, Atlassian Organisation Logs, Cisco Secure Endpoint, Cisco Umbrella DNS, GitLab Audit Logs, Imperva WAF logs, LastPass, Mimecast, SentinelOne, Sophos Central Cloud, Trend Micro Email Security, Trend Micro Vision One XDR and more.
- Datadog Security Labs: Backed by Datadog's Threat Detection Research and Engineering team, Cloud SIEM ensures continuous innovation and momentum in threat detection. With unparalleled expertise and data insights, Datadog empowers organisations to not only migrate seamlessly but also stay ahead of emerging threats in today’s evolving security landscape.
“Today’s security threats require a modern approach that can help teams reliably detect, prioritise, investigate and resolve issues,” said Yash Kumar, Senior Director of Product at Datadog. “Datadog’s Cloud SIEM delivers that modern approach with a unified platform for observability and security that provides easy onboarding into the product with out-of-the-box content, deep threat detection, full-stack context and visualisations.”
About Datadog
Datadog is the observability and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring, log management, user experience monitoring, cloud security and many other capabilities to provide unified, real-time observability and security for our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.