Datadog Unveils Updates to Security Platform

At its recent DASH 2023 conference, Datadog unveiled two major updates to its security platform: Security Inbox and Historical Detections, which aim to help engineering teams more efficiently identify and resolve security issues within their cloud environments

Pierre Betouin, SVP of security products at Datadog, explained that Security Inbox represents the “tip of the iceberg” in terms of DataDog’s security vision. By correlating various security signals and insights, Security Inbox surfaces the most critical threats and vulnerabilities in the form of actionable security alerts. Users are presented with clear, concise security notifications they can quickly assign and remediate.

Betouin noted that previously, Datadog provided lower-level security alerts across various exploration views. With Security Inbox, the platform can automatically piece together technical threats, risks and environmental context into a simplified issue. This eliminates the need to individually track dozens of discrete signals.

The second major addition is Historical Investigations for Cloud SIEM, which provides users with a “security time machine” to retrospectively investigate activities. As cloud infrastructure rapidly scales up and down, it can be challenging to understand the root cause of security events weeks or months later. Historical Investigations allows engineers to visually explore historical security data, pivoting across different facets like users, IPs and time ranges.

According to Betouin, these new capabilities build upon Datadog’s unique security telemetry gathered across infrastructure, applications and cloud environments. Tight integration with Datadog’s existing observability platform also enables collaboration between security and engineering teams in a shared context.

With Security Inbox and Historical Investigations, Datadog continues executing on its vision for cloud-native security. By consolidating and enhancing visibility into the evolving threat landscape, the company hopes to close the gap between security and operations. This allows organizations to ship secure systems rapidly without compromising protection.

Zooming out, cybersecurity threats are only going to continue to increase in sophistication, and AI-driven attacks are expected to become more widespread. To keep pace, security platforms will need enhanced detection capabilities fueled by high-quality data, robust data structures, and advanced algorithms. Vendors that have established strength in these areas, as Datadog is attempting to position itself with these new capabilities, will be better equipped to protect against emerging AI-powered threats.

More broadly, though, security solutions will likely expand across additional disciplines like QA, testing and front-end development. Integrating security deeper into the entire software development life cycle will enable organizations to ship secure systems at rapid cloud speed without compromising protection.