惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

酷 壳 – CoolShell
酷 壳 – CoolShell
H
Hacker News: Front Page
P
Palo Alto Networks Blog
T
ThreatConnect
Apple Machine Learning Research
Apple Machine Learning Research
博客园_首页
T
True Tiger Recordings
P
Privacy & Cybersecurity Law Blog
B
Blog
IT之家
IT之家
Last Week in AI
Last Week in AI
F
Full Disclosure
Hacker News: Ask HN
Hacker News: Ask HN
C
Comments on: Blog
Microsoft Azure Blog
Microsoft Azure Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Microsoft Security Blog
Microsoft Security Blog
博客园 - 【当耐特】
N
News and Events Feed by Topic
NISL@THU
NISL@THU
腾讯CDC
雷峰网
雷峰网
Security Latest
Security Latest
李成银的技术随笔
M
Microsoft Research Blog - Microsoft Research
L
LangChain Blog
L
Lohrmann on Cybersecurity
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
C
Check Point Blog
Y
Y Combinator Blog
Recent Announcements
Recent Announcements
博客园 - Franky
N
News | PayPal Newsroom
V
V2EX
A
About on SuperTechFans
The Register - Security
The Register - Security
月光博客
月光博客
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google Online Security Blog
Google Online Security Blog
MyScale Blog
MyScale Blog
Cisco Talos Blog
Cisco Talos Blog
Vercel News
Vercel News
WordPress大学
WordPress大学
C
Cyber Attacks, Cyber Crime and Cyber Security
The Hacker News
The Hacker News
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
爱范儿
爱范儿
A
Arctic Wolf
L
LINUX DO - 最新话题
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More

Datadog | The Monitor blog

Reduce CVE noise with OpenVEX assessments in Datadog How we made a SQL query optimization agent 59% more accurate using autoresearch and LLM Observability How to audit and clean up monitors effectively Diagnose slow PostgreSQL queries faster with explain plan correlation Explore Datadog metrics with Natural Language Queries Toto 2.0: Time series forecasting enters the scaling era Simplify micro-frontend observability with Datadog RUM Attribute AI costs across providers with Datadog Cloud Cost Management Diagnose and resolve database performance issues faster with Database Investigator Datadog for Government achieves FedRAMP® High certification Analyze cloud costs with flexible spreadsheets in Datadog Sheets Inside Datadog’s AI Research Lab: Meet two PhD candidates behind Toto Connect triage and investigation in a single workflow with Datadog Cloud SIEM This Month in Datadog - April 2026 Monitor and optimize Supabase query performance with Datadog Database Monitoring Add dynamically updating context to logs with Reference Tables and Observability Pipelines Introducing ARFBench: A time series question-answering benchmark based on real incidents The product signal latency gap slowing your growth Test network paths with TCP, UDP, and ICMP in Datadog Turn developer feedback into operational insight with Datadog Forms and Sheets How to investigate cloud credential compromise with Bits AI Security Analyst Evaluate, optimize, and secure your Google Cloud AI stack with Datadog Bringing observability data hosting to the UK on AWS Identify and fix code issues faster with Datadog’s Azure DevOps Source Code integration Steganography at scale: Embedding share URLs in Datadog widget screenshots Every team should be A/B testing Centralize observability management with Datadog Governance Console Spotting CI/CD misconfigurations before the bots do: Securing GitHub Actions with Datadog IaC Security Route OTel data from AI apps to ClickHouse and Datadog using Observability Pipelines Manage service tracing across hosts with Single Step Instrumentation rules Offline evaluation for AI agents: Best practices Detect runtime threats in Python Lambda functions with Datadog AAP Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore Integrate Recorded Future threat intelligence with Datadog Cloud SIEM CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API How we built a real-world evaluation platform for autonomous SRE agents at scale Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure When upserts don't update but still write: Debugging Postgres performance at scale Annotate traces to improve LLM quality with Datadog LLM Observability What's new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog's platform in the AI age: The role of observability data Closing the verification loop: Observability-driven harnesses for building with agents When an AI agent came knocking: Catching malicious contributions in Datadog’s open source repos Closing the verification loop, Part 2: Fully autonomous optimization Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Designing MCP tools for agents: Lessons from building Datadog's MCP server Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Fine-tune Toto for turbocharged forecasts Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog How we reduced the size of our Agent Go binaries by up to 77% Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage
Protect the life cycle of your application code and libraries with Datadog Code Security
2025-06-10 · via Datadog | The Monitor blog

For many organizations, merely detecting vulnerabilities isn’t sufficient anymore for securing their codebase. The real challenge is knowing which vulnerabilities matter the most, who owns them, and how to fix them efficiently. Modern application security tools can quickly overwhelm teams with noisy or false-positive findings, resulting in alert fatigue, longer remediation cycles, and eroding developer trust when security teams flag non-issues. At the same time, security is treated as a separate process from day-to-day development. This means that developers—who often bear the ultimate responsibility for remediation—frequently lack the necessary tools and context for mitigating an issue.

Datadog Code Security bridges these gaps by continuously scanning code and libraries across development, CI/CD, and runtime environments. By integrating with Datadog’s end-to-end observability data, Code Security helps you effectively prioritize the most pressing risks and provides actionable fix recommendations. These capabilities enable teams to ship secure code without slowing down delivery.

In this post, we’ll look at how Code Security prioritizes vulnerabilities, continuously detects them from development to production, and accelerates remediation.

Prioritize the risks that matter most

Not every vulnerability is equally important—only a fraction of critical vulnerabilities are worth prioritizing. Code Security prioritizes vulnerabilities by assessing runtime context and service impact, such as which vulnerabilities are actively running in production services, for both first-party code and third-party libraries. You can review findings for your code and libraries on the Summary page and quickly see your security posture, vulnerabilities that need remediation, and top security risks.

For example, you can filter unresolved library vulnerabilities based on a specific level of risk defined by the Datadog Severity Score. You can also see vulnerabilities grouped by application services, affected libraries, and the teams responsible for resolving them. This range of data and display options gives you a multilayered approach to identifying and prioritizing critical vulnerabilities.

Datadog Code Security shows open library vulnerabilities, filtered by risk.

Drilling into a specific library vulnerability, you can see exactly where in your source code a vulnerable dependency is introduced, as well as which services are running it. For each service, Datadog produces a service-specific severity score to help you prioritize remediation.

A signal showing Datadog's calculated risk score.

To review all of Code Security’s findings from your production codebase, you can navigate to the Vulnerabilities Explorer. Here, you can select a particular finding and drill down into specific issues, such as a SQL injection vulnerability in production code.

Datadog Code Security highlights a high-risk SQL injection in production, complete with stack trace and resolution guidance.

In this detailed view, Datadog also provides clear guidance on where the vulnerability was found in your code and how to fix it. This context enables you to proactively remediate issues and ship fixes faster.

Integrate security into every step of the SDLC

Early detection makes it easier for developers to fix issues quickly and helps reduce overall remediation costs for the organization. Code Security supports developers where they work by continuously scanning code and libraries at each stage of the software development life cycle (SDLC). Whether you’re writing new code, reviewing pull requests (PRs), or monitoring services in production, Code Security helps ensure that critical vulnerabilities don’t slip through the cracks.

Catch issues early in the IDE

Starting with development, Code Security can flag vulnerabilities directly in your IDE, such as VS Code, and provide actionable context and deterministic, suggested fixes. You can also scan your entire local repository directly within your IDE, with Datadog immediately reporting actionable findings. This enables you to systematically work through each issue before they are even committed to your repositories.

Datadog Code Security flags a SQL injection in JavaScript and suggests a fix directly in VS Code.

Automate secure code delivery in CI/CD workflows

In addition to the insights you receive in your IDE, you can integrate Code Security with version control systems like GitHub to act as a code reviewer in your PR workflow. When PRs are opened, Code Security leaves inline comments that flag vulnerabilities, providing detailed context and suggested fixes. You can see exactly where the issue occurs and commit the fix directly from the PR without switching tools. These comments mirror the same remediation guidance available in the IDE and in Datadog, providing a consistent experience across the SDLC.

Datadog Code Security generates an inline comment on a PR.

To further enforce security standards, Code Security also supports Quality Gates for your CI/CD pipeline. Gates enable you to automatically block merges to your default branches based on whether new code or library vulnerabilities are introduced in the pull request.

New PR gate shows configuration for blocking deployments with library vulnerabilities.

Get real-time, continuous visibility into active vulnerabilities in production

Extending beyond development and deployment, Datadog Code Security continuously monitors application security in production, providing real-time visibility into active vulnerabilities affecting specific services. Your Security and Operations teams gain a unified view of application health and risk in a single platform—no need to wait for scheduled scans. This allows teams to identify and respond to active threats faster and prioritize the issues that are actually exploitable and impactful in production.

Remediating vulnerabilities quickly is critical but often delayed by manual handoffs and unclear ownership. Datadog Code Security eliminates these bottlenecks by automatically associating vulnerable services with their code owners, repositories, and responsible teams within Datadog. Flagged vulnerabilities also include auto-generated code fixes, which can be either deterministic or powered by Bits AI. With this context, you can notify the right teams, who can then quickly apply and push critical fixes using Code Security’s one-click PR creation.

Signal shows Code Security's integration with GitHub.

And for a high-level view of the vulnerabilities that your team is working on, Datadog’s custom dashboards let you easily share real-time vulnerability insights with stakeholders or generate regular security posture reports.

Custom dashboard shows Code Security insights for each affected repository.

Together, these capabilities allow you to improve collaboration, unify incident management, and efficiently resolve urgent security risks before they significantly affect your applications and customers.

Secure your source code with Datadog

By integrating vulnerability detection with remediation from development to production, Datadog Code Security uniquely enables teams to deliver secure applications at scale. Check out our documentation to learn more about Code Security. If you don’t already have a Datadog account, you can sign up for a free 14-day trial.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。