Difference between revisions of "Datadog Cloud Security Management (CSM)"
(→Alerts) |
|||
(23 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
* https://www.datadoghq.com/product/cloud-security-management/ | * https://www.datadoghq.com/product/cloud-security-management/ | ||
− | * [[Vulnerability management]] | + | * [[Vulnerability management]]: [[Host Vulnerability Management]], [[Container Vulnerability Management]] |
* Automated [[compliance checks]] | * Automated [[compliance checks]] | ||
− | * Continuous posture management | + | * [[Continuous posture management]] |
* Real-time threat detection | * Real-time threat detection | ||
* Identity [[risk assessments]] | * Identity [[risk assessments]] | ||
+ | Activation require <code>[[SecurityAudit]]</code> managed policy in <code>[[DatadogAWSIntegrationRole]]</code>. | ||
== Features == | == Features == | ||
− | * Resource Inventory | + | * [[Resource Inventory]] (by default), require <code>[[SecurityAudit]]</code> managed policy in <code>[[DatadogAWSIntegrationRole]]</code> |
− | * Case Management | + | * Case Management (by default) |
− | * Misconfigurations | + | * [[Identify Risk]] |
+ | * [[Misconfigurations]] | ||
* Threat Detection | * Threat Detection | ||
− | |||
* Host Vulnerability Management | * Host Vulnerability Management | ||
* Container Vulnerability Management | * Container Vulnerability Management | ||
+ | |||
+ | == Alerts == | ||
+ | * [[Datadog: EC2 subnets should not automatically assign public IP addresses]] | ||
+ | * <code>[[Application Load Balancers should be configured to drop HTTP headers]]</code>: <code>[[drop_invalid_header_fields]]</code> | ||
+ | * [[Datadog: Amazon EC2 instances should not have a public IPv4 address]] | ||
+ | * [[Datadog: Amazon ECR should be scanning all images for vulnerabilities]] | ||
+ | * [[Datadog: EC2 instances should enforce IMDSv2]] | ||
+ | * [[Datadog: RDS database instances should use a non-default port]] | ||
== Related == | == Related == | ||
* [[Datadog Cloud SIEM]] | * [[Datadog Cloud SIEM]] | ||
− | * [[datadog_security_monitoring_rule]] | + | * <code>[[datadog_security_monitoring_rule]]</code> |
− | * [[datadog_cloud_workload_security_agent_rule]] | + | * <code>[[datadog_cloud_workload_security_agent_rule]]</code> |
+ | * [[CloudTrail logs]] | ||
+ | * [[Datadog: EC2 subnets should not automatically assign public IP addresses]] | ||
== See also == | == See also == | ||
* {{tf dd}} | * {{tf dd}} | ||
− | * {{Datadog}} | + | * {{DD CSM}} |
+ | * {{Datadog security}} | ||
[[Category:Datadog]] | [[Category:Datadog]] |
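Review bot: The new Features entry `[[Identify Risk]]` looks like a misspelling of "Identity Risk", given the unchanged "Identity [[risk assessments]]" bullet near the top of the page; correct the link target so it does not point at a stray page. The `[[SecurityAudit]]` requirement is added twice, once as a standalone "Activation require ..." line and again on the `[[Resource Inventory]]` bullet, both with "require" where "requires" is meant; state it once and make clear whether the managed policy is needed to activate CSM as a whole or only for Resource Inventory. The link `[[Datadog: EC2 subnets should not automatically assign public IP addresses]]` is added under both Alerts and Related; keeping it under Alerts only avoids the duplicate.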
Revision as of 15:09, 28 June 2024
- Vulnerability management: Host Vulnerability Management, Container Vulnerability Management
- Automated compliance checks
- Continuous posture management
- Real-time threat detection
- Identity risk assessments
Activation requires the SecurityAudit managed policy in DatadogAWSIntegrationRole.
Features
- Resource Inventory (by default); requires the SecurityAudit managed policy in DatadogAWSIntegrationRole
- Case Management (by default)
- Identify Risk
- Misconfigurations
- Threat Detection
- Host Vulnerability Management
- Container Vulnerability Management
Alerts
- Datadog: EC2 subnets should not automatically assign public IP addresses
- Application Load Balancers should be configured to drop HTTP headers: drop_invalid_header_fields
- Datadog: Amazon EC2 instances should not have a public IPv4 address
- Datadog: Amazon ECR should be scanning all images for vulnerabilities
- Datadog: EC2 instances should enforce IMDSv2
- Datadog: RDS database instances should use a non-default port
Related
- Datadog Cloud SIEM
- datadog_security_monitoring_rule
- datadog_cloud_workload_security_agent_rule
- CloudTrail logs
- Datadog: EC2 subnets should not automatically assign public IP addresses
See also
- Terraform datadog, provider, datadog_user, datadog_monitor_json, datadog_logs_custom_pipeline, datadog_integration_aws, datadog_security_monitoring_rule, datadog_integration_slack_channel
- Datadog Cloud Security Management: Identity Risk, Misconfigurations
- Datadog security: Cloud SIEM, Cloud Security Management (CSM)