惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

月光博客
月光博客
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
N
Netflix TechBlog - Medium
大猫的无限游戏
大猫的无限游戏
爱范儿
爱范儿
Martin Fowler
Martin Fowler
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Register - Security
The Register - Security
IT之家
IT之家
博客园_首页
Microsoft Security Blog
Microsoft Security Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 三生石上(FineUI控件)
I
InfoQ
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Jina AI
Jina AI
Apple Machine Learning Research
Apple Machine Learning Research
M
MIT News - Artificial intelligence
博客园 - Franky
C
Check Point Blog
T
The Blog of Author Tim Ferriss
V
Visual Studio Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
T
Tailwind CSS Blog
Recent Announcements
Recent Announcements
云风的 BLOG
云风的 BLOG
美团技术团队
The Cloudflare Blog
Y
Y Combinator Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
MyScale Blog
MyScale Blog
The GitHub Blog
The GitHub Blog
D
DataBreaches.Net
Google DeepMind News
Google DeepMind News
V
V2EX
aimingoo的专栏
aimingoo的专栏
GbyAI
GbyAI
G
Google Developers Blog
S
SegmentFault 最新的问题
Hugging Face - Blog
Hugging Face - Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
U
Unit 42
罗磊的独立博客
量子位
MongoDB | Blog
MongoDB | Blog
Last Week in AI
Last Week in AI
Stack Overflow Blog
Stack Overflow Blog
小众软件
小众软件
D
Docker
人人都是产品经理
人人都是产品经理

Datadog | The Monitor blog

Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore Integrate Recorded Future threat intelligence with Datadog Cloud SIEM CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure Annotate traces to improve LLM quality with Datadog LLM Observability What’s new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog’s platform in the AI age: The role of observability data Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage Move fast, don’t break things: Consistent testing standards at scale Enrich logs with ServiceNow CMDB context before routing to any SIEM or logging tool Monitor Lustre with Datadog Make faster, better product decisions with Datadog Product Analytics Surface and remediate runtime posture issues with Workload Protection Findings Protect agentic AI applications with Datadog AI Guard How to optimize JavaScript code with CSS Trace Google Pub/Sub workloads in Cloud Run with Datadog Detect human names in logs with ML in Sensitive Data Scanner How we cut our NLQ agent debugging time from hours to minutes with LLM Observability Debug PostgreSQL query latency faster with EXPLAIN ANALYZE in Datadog Database Monitoring Datadog acquires Propolis Unify and correlate frontend and backend data with retention filters Scale compliance across global frameworks with Datadog Cloud Security Monitor Arista VeloCloud SD-WAN performance with Datadog Building reliable dashboard agents with Datadog LLM Observability Simplify log collection and aggregation for MSSPs with Datadog Observability Pipelines Mitigation for Node.js denial-of-service vulnerability affecting Datadog APM Automate flaky test fixes with the Bits AI Dev Agent and Test Optimization How we built an AI SRE agent that investigates like a team of engineers Datadog integrations 2025 recap: Observability for AI, security, and hybrid cloud Design effective executive dashboards with Datadog Implement dbt data quality checks with dbt-expectations Bring faster visibility into AWS Lambda functions with remote instrumentation Troubleshoot faster with the GitLab Source Code integration in Datadog How Cambia Health Solutions saved $30,000 monthly with Cloud Cost Management and the Datadog Resource Catalog Normalize any logs for Cloud SIEM with Datadog's OCSF processor Optimizing Datadog at scale: Cost-efficient observability at Zendesk Detect, diagnose, and resolve network issues easily with CNM Network Health Connect engineering errors to user impact in early-stage products Cilium configuration for Kubernetes operations at scale Designing feedback loops for progressive delivery Ship features faster and safer with Datadog Feature Flags Choosing the right OpenTelemetry Collector distribution Route your monitor alerts with Datadog monitor notification rules Automate Cloud SIEM investigations with Bits AI Security Analyst Cloud threat detection: How to identify risky activity across control and data planes Collecting Kafka performance metrics Monitoring Kafka with Datadog Monitoring Kafka performance metrics
Datadog's approach to DevSecOps: An executive perspective
2024-01-17 · via Datadog | The Monitor blog
Jeremy Garcia

Editor’s note: Jeremy Garcia, VP of Technical Community and Open Source at Datadog, explains why fostering an organization-wide culture and practice of DevSecOps is essential for deploying resilient, secure applications and services.

Over the past decade, DevSecOps has become a popular buzzword in the tech industry. But even before that, it had established its role in addressing a long-standing problem: siloed workstreams between DevOps and security teams, which weaken an organization’s security posture and bog down software development and release cycles.

For many organizations, the practice of securing infrastructure and applications has typically been perceived as operating from within an ivory tower. Security practices, tools, and workflows were isolated from development and operations. Developers often saw security practices as blockers that pulled them away from their projects late in the game. Likewise, security engineers had no view or understanding of development workflows or exactly what was deployed into pre-production and production environments. The accelerated emergence of DevSecOps can be attributed to its effectiveness at breaking down these barriers.

Why DevSecOps?

Early in my career, I worked as an SRE at a few organizations that had siloed security functions. That was frustrating at the time, and in retrospect I can also see that it really hurt the organizations’ security posture. There was no shared vernacular, context, or goals among developers, operations, and security folks. The result was constant tension and a decrease in both software release velocity and security coverage.

Later, as an engineering manager who was responsible for a large portion of a company’s infrastructure, I inherited a small bit of the security function for it. As I tried to build relationships and connections with the main security org, it became clear that not only were these silos deeply rooted in culture but they were reinforced and exacerbated by disparate tools, data sets, and incentives. This disconnect created teams with unaligned goals, language, and context, which made effective and collaborative security workflows—including those that are part of setting up and scaling infrastructure, creating an observability strategy and implementing monitoring tools, and responding to incidents—an almost impossible task.

Like DevOps, which evolved to break down barriers between the obfuscated and specialized worlds of developers and operations, DevSecOps is more than just a set of tools and processes. It represents a fundamental shift in culture: making security a foundational part of all workstreams. Unifying workstreams benefits organizations in several ways. It shortens the feedback loop between engineering and security teams, enabling them to troubleshoot security issues faster. It empowers engineers to contribute to security guidelines for their features and to ask questions about how to make them more secure by design, from the start. And unified workstreams give security teams the context and understanding they need to conduct higher-quality investigations and security reviews, and easily share their findings with others. Together, these benefits result in applications and infrastructure that are more resilient. And when security issues are discovered and remedied earlier, preferably before they hit production, they are less expensive to address.

DevSecOps in practice

When we talk about making security an integral part of DevOps, we often don’t know what that should look like. In practice, security can take advantage of tooling that’s already in use, such as automation—which already plays an important role in successful DevOps. For example, collaboration between security and engineering allows for a common set of rules to be defined and appropriately applied in a CI/CD pipeline, minimizing friction. This prevents vulnerabilities from propagating throughout the runtime environment, where they would be more expensive to solve—not to mention the headache it causes developers to stop working on new features and hunt down and fix the offending code or dependency.

Integrating security with DevOps also applies to monitoring. Any system that creates shared context through a unified view of telemetry data across multiple teams will not only provide greater visibility into application and infrastructure health but also security posture. It also facilitates the cultural change needed to adopt DevSecOps successfully.

One example of DevSecOps in practice is embedding security engineers into platform engineering teams. When the monitoring context is consistent, embedded teams like this have a much higher chance of success. This transition also fosters programs like Security Champions, who can advocate for security best practices within individual teams. Programs like these have been extremely successful here at Datadog as well as for our customers.

DevSecOps inside Datadog

As with any trendy buzzword, it’s easy to be skeptical of it—and I admit that I have been somewhat skeptical of the term “DevSecOps.” But it’s a term the industry is now using and a shared vernacular that everyone understands has value. What I am not skeptical of is the benefit of security, development, and operations folks working together and not being in silos. And we’ve seen the results of this here at Datadog.

We know that security and observability go hand-in-hand in building reliable applications, so we take a holistic approach to fostering DevSecOps culture and tooling both in our internal operations and throughout our products. A core goal for us is to create strong communication channels across formerly isolated teams. Having shared context for evaluating the health of our systems in both pre-production and production environments is critical for supporting our organization’s continued transformation. This also helps us ensure that developers are responsible for and—more importantly—empowered to secure the code they write.

We’ve seen firsthand how shared context and collaboration is integral to successful security practices. Our engineering and product teams conduct many of their own security reviews and share their findings with our core security team, giving them a starting place for research. The security team then shares any additional insights with engineering and product, which informs their development decisions. We also integrate security into our overall site reliability goals by creating dedicated SLIs and SLOs for vulnerability management. All of this information is available in the Datadog platform, ensuring that every team is working with the same sets of data.

“At Datadog, our security teams are structured to optimize for automation and collaboration,” says Bianca Lankford, Datadog’s Vice President of Security Engineering. “Our approach to DevSecOps starts with leveraging Datadog’s security suite, namely Cloud SIEM, configured to our own business and security requirements. Using a tool like Cloud SIEM, optimized for automation, allows us to have a SOCless model. We are able to automate both detection and response by using fine-tuned security signals. We leverage Datadog Incident Management to help auto-declare incidents for critical alerts or cases for findings that need more attention in order to triage. Throughout the entire automation cycle, our security engineers collaborate with product teams to enhance and grow our tooling. Security teams also work closely with engineering to create better auto-detections, and collaborate closely with SRE teams to ensure that security is part of the entire production support life cycle.”

These are just a few examples that show how a DevSecOps culture encourages a bidirectional pathway between security and infrastructure teams, making security more accessible throughout our organization.

Break down security silos with Datadog

With today’s evolving threat landscape, integrating and streamlining security workflows has become more important than ever. We’ve already seen the benefits of this internally, as well as its value in protecting our customers’ applications and infrastructure. To learn more about Datadog’s security offerings, check out our security documentation. If you don’t already have a Datadog account, you can sign up for a free 14-day trial today.