惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

IT之家
IT之家
C
CXSECURITY Database RSS Feed - CXSecurity.com
V
Visual Studio Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
小众软件
小众软件
L
LangChain Blog
Cyberwarzone
Cyberwarzone
美团技术团队
The Register - Security
The Register - Security
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
T
Tor Project blog
V
V2EX
Security Archives - TechRepublic
Security Archives - TechRepublic
Hacker News: Ask HN
Hacker News: Ask HN
L
LINUX DO - 最新话题
Recent Announcements
Recent Announcements
H
Hackread – Cybersecurity News, Data Breaches, AI and More
酷 壳 – CoolShell
酷 壳 – CoolShell
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
aimingoo的专栏
aimingoo的专栏
人人都是产品经理
人人都是产品经理
F
Full Disclosure
V2EX - 技术
V2EX - 技术
The Cloudflare Blog
博客园 - 叶小钗
T
Threat Research - Cisco Blogs
阮一峰的网络日志
阮一峰的网络日志
G
GRAHAM CLULEY
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Latest news
Latest news
S
Security @ Cisco Blogs
Spread Privacy
Spread Privacy
Project Zero
Project Zero
K
Kaspersky official blog
MyScale Blog
MyScale Blog
Attack and Defense Labs
Attack and Defense Labs
云风的 BLOG
云风的 BLOG
博客园 - 【当耐特】
Hacker News - Newest:
Hacker News - Newest: "LLM"
大猫的无限游戏
大猫的无限游戏
P
Privacy International News Feed
Google DeepMind News
Google DeepMind News
WordPress大学
WordPress大学
C
Cybersecurity and Infrastructure Security Agency CISA
Webroot Blog
Webroot Blog
罗磊的独立博客
Vercel News
Vercel News
N
News and Events Feed by Topic
A
Arctic Wolf
C
CERT Recently Published Vulnerability Notes

Datadog | The Monitor blog

Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore Integrate Recorded Future threat intelligence with Datadog Cloud SIEM CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure Annotate traces to improve LLM quality with Datadog LLM Observability What’s new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog’s platform in the AI age: The role of observability data Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage Move fast, don’t break things: Consistent testing standards at scale Enrich logs with ServiceNow CMDB context before routing to any SIEM or logging tool Monitor Lustre with Datadog Make faster, better product decisions with Datadog Product Analytics Surface and remediate runtime posture issues with Workload Protection Findings Protect agentic AI applications with Datadog AI Guard How to optimize JavaScript code with CSS Trace Google Pub/Sub workloads in Cloud Run with Datadog Detect human names in logs with ML in Sensitive Data Scanner How we cut our NLQ agent debugging time from hours to minutes with LLM Observability Debug PostgreSQL query latency faster with EXPLAIN ANALYZE in Datadog Database Monitoring Datadog acquires Propolis Unify and correlate frontend and backend data with retention filters Scale compliance across global frameworks with Datadog Cloud Security Monitor Arista VeloCloud SD-WAN performance with Datadog Building reliable dashboard agents with Datadog LLM Observability Simplify log collection and aggregation for MSSPs with Datadog Observability Pipelines Mitigation for Node.js denial-of-service vulnerability affecting Datadog APM Automate flaky test fixes with the Bits AI Dev Agent and Test Optimization How we built an AI SRE agent that investigates like a team of engineers Datadog integrations 2025 recap: Observability for AI, security, and hybrid cloud Design effective executive dashboards with Datadog Implement dbt data quality checks with dbt-expectations Bring faster visibility into AWS Lambda functions with remote instrumentation Troubleshoot faster with the GitLab Source Code integration in Datadog How Cambia Health Solutions saved $30,000 monthly with Cloud Cost Management and the Datadog Resource Catalog Normalize any logs for Cloud SIEM with Datadog's OCSF processor Optimizing Datadog at scale: Cost-efficient observability at Zendesk Detect, diagnose, and resolve network issues easily with CNM Network Health Connect engineering errors to user impact in early-stage products Cilium configuration for Kubernetes operations at scale Designing feedback loops for progressive delivery Ship features faster and safer with Datadog Feature Flags Choosing the right OpenTelemetry Collector distribution Route your monitor alerts with Datadog monitor notification rules Automate Cloud SIEM investigations with Bits AI Security Analyst Cloud threat detection: How to identify risky activity across control and data planes Collecting Kafka performance metrics Monitoring Kafka with Datadog Monitoring Kafka performance metrics
Gain visibility into risks, vulnerabilities, and attacks with APM Security View
2023-01-18 · via Datadog | The Monitor blog

As your business grows and your services scale in number and complexity, it’s difficult to maintain a rapid pace of innovation while keeping your applications secure. It’s particularly challenging to respond to attacks, as DevOps and security teams need to collaborate to understand each attack’s root cause and remediate the vulnerabilities that enabled it.

Datadog’s APM Security View helps you efficiently detect and mitigate attacks and quickly resolve security incidents to ensure that your applications are reliable, performant, and secure. Powered by Datadog App and API Protection (AAP), APM Security View surfaces security data within the Service Catalog, the Service Page, and Datadog distributed tracing to help you detect attacks against APM-instrumented services and quickly remediate those attacks using code-level insight. And by identifying risks from known vulnerabilities in third-party libraries, APM Security View can help you reduce your exposure to future attacks.

In this post, we’ll show you how APM Security View helps you:

APM Security Views shows top countries with suspicious requests, suspicious requests by type, top attacks attempted, and security signals.

Identify high-risk services in the Service Catalog

The Datadog Service Catalog centralizes knowledge about all your services, giving your teams key information about each service’s dependencies—as well as owner contact information and on-call schedules—that they can use for troubleshooting and incident management. The Service Catalog also includes the APM Security View, which surfaces key security data that can help teams proactively identify vulnerable services and quickly respond to malicious activity.

Spot vulnerabilities that attackers can exploit

Datadog AAP automatically detects vulnerabilities in open source packages—which often comprise the majority of an application’s code—and APM Security View surfaces that information within the Service Catalog and the Service Page. This shows your actual risk exposure by listing vulnerabilities that affect services running in production—as opposed to a stale branch or a development commit—and sorts them by severity to highlight the greatest potential impact.

APM Security View also lets you quickly understand your exposure to attacks, including an overview of suspicious requests and the most common attempted attacks. By combining information about runtime vulnerabilities and exposure to attacks, APM Security View gives teams a full understanding of each service’s security risk so they can prioritize their remediation efforts. And seeing risk information inside the Service Page enables collaboration between incident responders, service owners, and on-call engineers to efficiently respond to attacks, patch vulnerabilities, and minimize risk.

APM Security View shows top users with suspicious requests, top attacks attempted, and vulnerabilities sorted by severity.

Note that the data APM collects allows it to provide only partial visibility into recent and ongoing attacks. To gain complete visibility into attacks against your services, you can easily enable AAP to monitor all activity. AAP collects all relevant data to provide complete information about every attack, including a description of the attack and actionable remediation steps. Vulnerability details include a link to the relevant entry in the Common Vulnerabilities and Exposures (CVE) database, a list of other services affected, information about the affected library, and remediation steps. AAP is powered by APM libraries, so you can benefit from it right away without deploying another agent.

Track security signals to detect attacks

You can rely on monitors to notify you of an anomaly such as an increased rate of requests to your service, but it’s important to determine whether that traffic is legitimate or is a sign of an attack. Datadog automatically evaluates your application’s activity against security detection rules to differentiate malicious requests from legitimate traffic. If the traffic to your services violates any detection rules—possibly indicating an attack—Datadog generates a security signal and surfaces the details in the Service Catalog.

If an attacker has exploited a vulnerability—for example SSRF or Log4Shell—you’ll see a signal that shows you the type of attack, related logs and signals, and recommended remediation actions. Security signals provide high-quality, actionable information that spotlights an ongoing security issue. While a detected vulnerability indicates that a service could be at risk, a security signal indicates a higher priority concern—an actual attack against the service. You can sort the APM Security View to quickly find services with signals to focus your remediation efforts on exploited vulnerabilities over latent ones. And you can click any signal to pivot to the Service Page, which shows you more information about the service’s risks alongside its complete performance and reliability data.

Datadog's in-house threat detection team maintains more than 100 out-of-the-box security detection rules to help you quickly set up in-depth security.
A screenshot shows a list of services in the APM Security View, sorted by the number of security signals associated with each service.
Datadog's in-house threat detection team maintains more than 100 out-of-the-box security detection rules to help you quickly set up in-depth security.

The severity of a security signal conveys the level of risk to the service, and APM Security View helps responders see which signals are critical. Responders can quickly initiate and coordinate their remediation efforts using the service information provided in the Service Catalog, including documentation and details of the underlying infrastructure. For deeper insight into the issue, users can pivot to AAP to see which libraries are vulnerable and which other services may be affected.

To fully understand an attack, you need to see how it propagates through your services. Datadog distributed tracing provides powerful visualization and analysis tools to help responders identify the context and scope of an attack.

By showing you all the endpoints in the path of the attack, an APM flame graph illustrates its impact. If the flame graph shows that the attack targeted a critical component of your application—for example, a data store that holds inventory or user account information—responders can quickly grasp the potential impact of the attack and reach out to collaborate with the relevant teams.

A flame graph illustrates all the service calls stemming from an initial malicious request.
A flame graph shows that a vulnerability was triggered in the web store service.
A flame graph illustrates all the service calls stemming from an initial malicious request.

If the flame graph indicates that an attack is a threat to your application’s security or your business operation, you can leverage AAP’s code-level visibility to quickly pinpoint the code that you need to fix to remediate the issue. AAP incorporates our source code integration to show you the function in which the vulnerability was triggered, so developers quickly know where to focus their remediation effort.

Get a deeper view into your services’ security

APM Security View surfaces insights from AAP to help you understand your high-risk services. If you’re an APM customer, you can start using AAP to gain complete visibility into your security signals and understand the full scope of the threats against your services. AAP utilizes the same APM libraries that you’ve already deployed, so you can start using it right away. See our documentation and demo video for more information about how you can use AAP to quickly remediate exposed vulnerabilities and reduce your mean time to resolution (MTTR).

If you’re not yet using Datadog, you can start today with a 14-day free trial.