Datadog, Inc., the monitoring and security platform for cloud applications, announced its modern approach to Cloud SIEM, which doesn’t require dedicated staff or specialized teams to activate the solution. This approach makes it easy for teams to onboard, de-risk migrations and democratize security practices, disrupting traditional models that can be costly and resource intensive.


Existing SIEM (security information and event management) solutions face several significant challenges that put security teams at risk. Traditional SIEMs often struggle to integrate data from diverse sources, leading to fragmented visibility and delayed detection and response. As organizations grow and data volumes increase, legacy systems and their required dedicated teams become overwhelmed, resulting in inefficiencies at cloud scale and rising operational costs. The high amount of false-positive alerts from these traditional solutions can also lead to alert fatigue, causing critical threats to be overlooked.

Datadog’s Cloud SIEM leverages modern architectures and machine learning to address these challenges and emphasize agility, scalability, cost-efficiency and real-time threat detection. Organizations like Lenovo, FanDuel, Carvana, University of Alabama at Birmingham (UAB) and Vanilla Technologies rely on this modern approach to rapidly onboard new sources for threat detection, help them prioritize security investigations and resolve issues quickly.

“Datadog Cloud SIEM’s ability to add custom data sources helps the SOC at UAB improve our alerts. Using specific facets, we are able to create high-fidelity alerts and can pivot into investigating and responding seamlessly. This overall has improved our security posture,” said Daniel Studdard, Information Security Engineer at the University of Alabama at Birmingham.

As part of Datadog’s unified platform, features of Cloud SIEM include:

  • Risk-Based Insights: Teams can correlate real-time signals and findings into entities in order to streamline the way security teams prioritize investigations. Risk scoring includes Cloud Security Management insights such as misconfigurations and identity risks, as well as expanded entity types like S3 buckets, EC2 instances, and SAML and web users, to help teams detect, prioritize and respond to threats.
  • 15-Month Retention: Datadog offers 15-month retention and Flex Logs with Cloud SIEM to provide customers with a flexible economic model that delivers powerful threat detection capabilities without overspending. This flexible approach allows organizations to scale security operations as needed while optimizing resources, enabling cost efficiency without sacrificing performance.
  • Security Operational Metrics: Cloud SIEM provides deep insights into the performance of security teams, helping to assess how effectively they respond to and resolve threats in cloud environments. These metrics are readily available through pre-built dashboards and detailed reports, offering valuable data such as detection rule coverage, alert response times and investigation outcomes that help teams continuously optimize their threat response strategies.
  • Content Packs and Out-of-the-box Integrations: With pre-built detection rules, dashboards and workflow automation tools tailored to integrations with leading technologies, organizations can leverage out-of-the-box content to accelerate threat detection and response. More than 30 integrations and Content Packs have been added in the past six months, including Abnormal Security, Atlassian Organization Logs, Cisco Secure Endpoint, Cisco Umbrella DNS, GitLab Audit Logs, Imperva WAF logs, LastPass, Mimecast, SentinelOne, Sophos Central Cloud, Trend Micro Email Security, Trend Micro Vision One XDR and more.
  • Datadog Security Labs: Backed by Datadog’s Threat Detection Research and Engineering team, Cloud SIEM ensures continuous innovation and momentum in threat detection. With unparalleled expertise and data insights, Datadog empowers organizations to not only migrate seamlessly but also stay ahead of emerging threats in today’s evolving security landscape.

“Today’s security threats require a modern approach that can help teams reliably detect, prioritize, investigate and resolve issues,” said Yash Kumar, Senior Director of Product at Datadog. “Datadog’s Cloud SIEM delivers that modern approach with a unified platform for observability and security that provides easy onboarding into the product with out-of-the-box content, deep threat detection, full-stack context and visualizations.”
