Difference between revisions of "Datadog Cloud Security Management (CSM)"
Jump to navigation
Jump to search
(→Alerts) |
|||
| (9 intermediate revisions by the same user not shown) | |||
| Line 17: | Line 17: | ||
* Host Vulnerability Management | * Host Vulnerability Management | ||
* Container Vulnerability Management | * Container Vulnerability Management | ||
| + | |||
| + | == Alerts == | ||
| + | * [[Datadog: EC2 subnets should not automatically assign public IP addresses]] | ||
| + | * <code>[[Application Load Balancers should be configured to drop HTTP headers]]</code>: <code>[[drop_invalid_header_fields]]</code> | ||
| + | * [[Datadog: Amazon EC2 instances should not have a public IPv4 address]] | ||
| + | * [[Datadog: Amazon ECR should be scanning all images for vulnerabilities]] | ||
| + | * [[Datadog: EC2 instances should enforce IMDSv2]] | ||
| + | * [[Datadog: RDS database instances should use a non-default port]] | ||
== Related == | == Related == | ||
| Line 22: | Line 30: | ||
* <code>[[datadog_security_monitoring_rule]]</code> | * <code>[[datadog_security_monitoring_rule]]</code> | ||
* <code>[[datadog_cloud_workload_security_agent_rule]]</code> | * <code>[[datadog_cloud_workload_security_agent_rule]]</code> | ||
| + | * [[CloudTrail logs]] | ||
| + | * [[Datadog: EC2 subnets should not automatically assign public IP addresses]] | ||
== See also == | == See also == | ||
Latest revision as of 15:09, 28 June 2024
- Vulnerability management: Host Vulnerability Management, Container Vulnerability Management
- Automated compliance checks
- Continuous posture management
- Real-time threat detection
- Identity risk assessments
Activation require SecurityAudit managed policy in DatadogAWSIntegrationRole.
Contents
Features[edit]
- Resource Inventory (by default), require
SecurityAuditmanaged policy inDatadogAWSIntegrationRole - Case Management (by default)
- Identify Risk
- Misconfigurations
- Threat Detection
- Host Vulnerability Management
- Container Vulnerability Management
Alerts[edit]
- Datadog: EC2 subnets should not automatically assign public IP addresses
Application Load Balancers should be configured to drop HTTP headers:drop_invalid_header_fields- Datadog: Amazon EC2 instances should not have a public IPv4 address
- Datadog: Amazon ECR should be scanning all images for vulnerabilities
- Datadog: EC2 instances should enforce IMDSv2
- Datadog: RDS database instances should use a non-default port
Related[edit]
- Datadog Cloud SIEM
datadog_security_monitoring_ruledatadog_cloud_workload_security_agent_rule- CloudTrail logs
- Datadog: EC2 subnets should not automatically assign public IP addresses
See also[edit]
Advertising:
