Difference between revisions of "Datadog Cloud Security Management (CSM)"

From wikieduonline
Jump to navigation Jump to search
 
(19 intermediate revisions by the same user not shown)
Line 1: Line 1:
* https://www.datadoghq.com/product/cloud-security-management/
+
[https://www.datadoghq.com/product/cloud-security-management/ Datadog Cloud Security Management (CSM)]
 
 
 
* [[Vulnerability management]]: [[Host Vulnerability Management]], [[Container Vulnerability Management]]
 
* [[Vulnerability management]]: [[Host Vulnerability Management]], [[Container Vulnerability Management]]
* Automated [[compliance checks]]
+
* Automated [[compliance checks]] and reports
 
* [[Continuous posture management]]
 
* [[Continuous posture management]]
 
* Real-time threat detection
 
* Real-time threat detection
 
* Identity [[risk assessments]]
 
* Identity [[risk assessments]]
  
 +
Activation require <code>[[SecurityAudit]]</code> managed policy in <code>[[DatadogAWSIntegrationRole]]</code>.
  
 
== Features ==
 
== Features ==
* [[Resource Inventory]] (by default), require <code>[[SecurityAudit]]</code> managed policy.
+
* [[Resource Inventory]] (by default), require <code>[[SecurityAudit]]</code> managed policy in <code>[[DatadogAWSIntegrationRole]]</code>
 
* Case Management (by default)
 
* Case Management (by default)
 
* [[Identify Risk]]
 
* [[Identify Risk]]
Line 16: Line 16:
 
* Host Vulnerability Management
 
* Host Vulnerability Management
 
* Container Vulnerability Management
 
* Container Vulnerability Management
 +
 +
== Alerts ==
 +
* [[Datadog: EC2 subnets should not automatically assign public IP addresses]]
 +
* <code>[[Application Load Balancers should be configured to drop HTTP headers]]</code>: <code>[[drop_invalid_header_fields]]</code>
 +
* [[Datadog: Amazon EC2 instances should not have a public IPv4 address]]
 +
* [[Datadog: Amazon ECR should be scanning all images for vulnerabilities]]
 +
* [[Datadog: EC2 instances should enforce IMDSv2]]
 +
* [[Datadog: RDS database instances should use a non-default port]]
  
 
== Related ==
 
== Related ==
 
* [[Datadog Cloud SIEM]]
 
* [[Datadog Cloud SIEM]]
* [[datadog_security_monitoring_rule]]
+
* <code>[[datadog_security_monitoring_rule]]</code>
* [[datadog_cloud_workload_security_agent_rule]]
+
* <code>[[datadog_cloud_workload_security_agent_rule]]</code>
 +
* [[CloudTrail logs]]
 +
* [[Datadog: EC2 subnets should not automatically assign public IP addresses]]
  
 
== See also ==
 
== See also ==
 
* {{tf dd}}
 
* {{tf dd}}
* {{Datadog}}
+
* {{DD CSM}}
 +
* {{Datadog security}}
  
 
[[Category:Datadog]]
 
[[Category:Datadog]]

Latest revision as of 12:54, 31 July 2024

Datadog Cloud Security Management (CSM)

Activation require SecurityAudit managed policy in DatadogAWSIntegrationRole.

Features[edit]

Alerts[edit]

Related[edit]

See also[edit]

Advertising: