惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

酷 壳 – CoolShell
酷 壳 – CoolShell
H
Hacker News: Front Page
P
Palo Alto Networks Blog
T
ThreatConnect
Apple Machine Learning Research
Apple Machine Learning Research
博客园_首页
T
True Tiger Recordings
P
Privacy & Cybersecurity Law Blog
B
Blog
IT之家
IT之家
Last Week in AI
Last Week in AI
F
Full Disclosure
Hacker News: Ask HN
Hacker News: Ask HN
C
Comments on: Blog
Microsoft Azure Blog
Microsoft Azure Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Microsoft Security Blog
Microsoft Security Blog
博客园 - 【当耐特】
N
News and Events Feed by Topic
NISL@THU
NISL@THU
腾讯CDC
雷峰网
雷峰网
Security Latest
Security Latest
李成银的技术随笔
M
Microsoft Research Blog - Microsoft Research
L
LangChain Blog
L
Lohrmann on Cybersecurity
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
C
Check Point Blog
Y
Y Combinator Blog
Recent Announcements
Recent Announcements
博客园 - Franky
N
News | PayPal Newsroom
V
V2EX
A
About on SuperTechFans
The Register - Security
The Register - Security
月光博客
月光博客
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google Online Security Blog
Google Online Security Blog
MyScale Blog
MyScale Blog
Cisco Talos Blog
Cisco Talos Blog
Vercel News
Vercel News
WordPress大学
WordPress大学
C
Cyber Attacks, Cyber Crime and Cyber Security
The Hacker News
The Hacker News
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
爱范儿
爱范儿
A
Arctic Wolf
L
LINUX DO - 最新话题
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More

Datadog | The Monitor blog

How to audit and clean up monitors effectively How we made a SQL query optimization agent 59% more accurate using autoresearch and LLM Observability Reduce CVE noise with OpenVEX assessments in Datadog Diagnose slow PostgreSQL queries faster with explain plan correlation Explore Datadog metrics with Natural Language Queries Attribute AI costs across providers with Datadog Cloud Cost Management Simplify micro-frontend observability with Datadog RUM Toto 2.0: Time series forecasting enters the scaling era Diagnose and resolve database performance issues faster with Database Investigator Datadog for Government achieves FedRAMP® High certification Analyze cloud costs with flexible spreadsheets in Datadog Sheets Inside Datadog’s AI Research Lab: Meet two PhD candidates behind Toto Connect triage and investigation in a single workflow with Datadog Cloud SIEM This Month in Datadog - April 2026 Monitor and optimize Supabase query performance with Datadog Database Monitoring Add dynamically updating context to logs with Reference Tables and Observability Pipelines Introducing ARFBench: A time series question-answering benchmark based on real incidents Test network paths with TCP, UDP, and ICMP in Datadog The product signal latency gap slowing your growth How to investigate cloud credential compromise with Bits AI Security Analyst Evaluate, optimize, and secure your Google Cloud AI stack with Datadog Turn developer feedback into operational insight with Datadog Forms and Sheets Identify and fix code issues faster with Datadog’s Azure DevOps Source Code integration Steganography at scale: Embedding share URLs in Datadog widget screenshots Bringing observability data hosting to the UK on AWS Centralize observability management with Datadog Governance Console Every team should be A/B testing Manage service tracing across hosts with Single Step Instrumentation rules Route OTel data from AI apps to ClickHouse and Datadog using Observability Pipelines Spotting CI/CD misconfigurations before the bots do: Securing GitHub Actions with Datadog IaC Security Detect runtime threats in Python Lambda functions with Datadog AAP Offline evaluation for AI agents: Best practices Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API How we built a real-world evaluation platform for autonomous SRE agents at scale Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure When upserts don't update but still write: Debugging Postgres performance at scale Annotate traces to improve LLM quality with Datadog LLM Observability What's new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog's platform in the AI age: The role of observability data Closing the verification loop: Observability-driven harnesses for building with agents Closing the verification loop, Part 2: Fully autonomous optimization When an AI agent came knocking: Catching malicious contributions in Datadog’s open source repos Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Designing MCP tools for agents: Lessons from building Datadog's MCP server Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Fine-tune Toto for turbocharged forecasts Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog How we reduced the size of our Agent Go binaries by up to 77% Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage Move fast, don’t break things: Consistent testing standards at scale
Integrate Recorded Future threat intelligence with Datadog Cloud SIEM
2026-04-09 · via Datadog | The Monitor blog

Recorded Future provides real-time threat intelligence about indicators of compromise (IOCs), including malicious IP addresses, domains, and vulnerabilities. It also adds context on threat actors and campaigns to help security teams understand which signals represent real risk and prioritize their responses accordingly.

Datadog supports threat intelligence through capabilities such as Bring Your Own Threat Intelligence (BYOTI) and built-in threat feeds. The Recorded Future integration, our first threat intelligence integration, builds upon this foundation by delivering threat intelligence in Datadog without the overhead of managing custom feeds. It automatically enriches security logs with context such as risk scores and threat associations, enabling faster triage and more confident responses to threats.

In this post, we’ll cover how the integration helps you:

Continuously enrich logs with Recorded Future threat intelligence feeds

Recorded Future provides threat intelligence feeds that include live risk lists for IP addresses, file hashes, and domains. Datadog pulls these feeds directly into the platform and ingests the top 100,000 threats per category. It focuses on indicators that have a Recorded Future risk score above 65 and uses this data to continuously enrich security logs.

When a log event references a known malicious IP address or suspicious file hash, Datadog automatically surfaces the relevant context alongside the event. Indicators are refreshed on Recorded Future’s recommended cadence to keep enrichment data current as threat activity changes over time.

Capture Recorded Future alerts in Datadog

In addition to enrichment, the integration brings Recorded Future Classic Alerts and Playbook Alerts into Datadog. These alerts represent externally generated detections based on Recorded Future’s intelligence. Examples include suspicious infrastructure, emerging threats, and activity tied to known campaigns.

By ingesting these alerts directly into Datadog, you can investigate the corresponding signals alongside your application and infrastructure telemetry data. The unified Datadog view makes it easier to correlate external threat signals with internal activity, determine whether an alert is relevant to your environment, and take action without switching tools.

Correlate threat intelligence with Cloud SIEM signals

The integration delivers its deepest value by correlating Recorded Future intelligence with Cloud SIEM signals. Teams can more easily detect and prioritize malicious activity that might otherwise blend into background noise.

For example, a web application log might show repeated authentication attempts from a single IP address. On its own, this activity could look like routine scanning. But when that IP address matches a Recorded Future indicator that has a high risk score or is associated with active threat activity, Datadog enriches the event with that context. Cloud SIEM out-of-the-box (OOTB) detection rules then use that context to elevate the signal, helping analysts focus on activity that is more likely to represent a real threat. You can investigate and respond faster, without manual enrichment or triage.

Bits AI automatically uses this context to speed up triage, and you can analyze related activity for those indicators in the IOC Explorer.

Get started quickly with the Recorded Future Content Pack

To help teams get started quickly, we’re introducing the Recorded Future Content Pack for Cloud SIEM. The Content Pack includes six OOTB detection rules that use Recorded Future intelligence to identify malicious DNS activity, suspicious IP traffic, and Recorded Future alerts across severity levels for prioritized threat response.

Detection rules in Datadog Cloud SIEM showing Recorded Future alerts and threat-based rules for malicious IP and domain activity across multiple severity levels.
Detection rules in Datadog Cloud SIEM showing Recorded Future alerts and threat-based rules for malicious IP and domain activity across multiple severity levels.

The Content Pack also includes prebuilt dashboards that consolidate Recorded Future alert activity and threat feed data into a unified view. The dashboard view helps analysts quickly understand what types of threats are showing up most frequently in their environment and how risky these threats are.

The dashboard shows:

  • Types of activity, such as scanning, malware behavior, proxy traffic, and reconnaissance
  • Specific IP addresses and domains that appear frequently, which are often a strong signal of persistent or automated activity
  • Top indicator types detected (for example, domains vs. IP addresses)
  • IP addresses with the highest risk
  • Frequency and classification of indicators
Dashboard showing Recorded Future threat intelligence data, including top indicator categories, frequently seen IP addresses, indicator type distribution, and high-risk indicators.
Dashboard showing Recorded Future threat intelligence data, including top indicator categories, frequently seen IP addresses, indicator type distribution, and high-risk indicators.

You no longer have to manually correlate threat intelligence with logs. Datadog automatically enriches your security data and prioritizes relevant signals in one place.

Get started with Recorded Future in Cloud SIEM

Recorded Future threat intelligence in Datadog Cloud SIEM helps teams strengthen their security posture with unified, actionable context. By combining threat intelligence and security signals in one platform, teams can speed up investigations and respond more effectively. To set up the integration, check out the Recorded Future integration documentation. You can also get started with the Content Pack.

If you’re new to Datadog, you can sign up for a free 14-day trial.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。