Datadog discusses future of Cloud SIEM, visibility for MongoDB at AWS re:Invent

Dec. 2, 2024
Announcements include deep cluster- and query-level visibility for MongoDB, AWS integrations, and a modern approach to Cloud SIEM.

Datadog at re:Invent 2024

Datadog, Inc., a monitoring and security platform for cloud applications, today at AWS re:Invent highlighted its continued investment in its Amazon Web Services (AWS) monitoring product portfolio, which covers all aspects of a customer's tech stack, including AI/ML applications as well as serverless and containerized environments. Customers like AppFolio, andsafe, Asana, Maersk, Cash App, Sweetgreen, The PlayStation Network, and Twilio use Datadog to monitor AWS services through more than 100 unique integrations with Datadog.

"We continue to see companies rely on Datadog for enterprise-scale observability at an accelerated rate," said Yanbing Li, Chief Product Officer at Datadog. "Trends like AI/ML, cloud migration, serverless, and containers—and the need to monitor and optimize resources for all these areas—have helped to accelerate this growth as companies search to better understand their LLM usage, infrastructure performance, and cloud costs."

Datadog now offers over 100 unique AWS service integrations, including for AI/ML services:

  • AWS Trainium and AWS Inferentia ML chip monitoring to help customers optimize model performance and resource efficiency, prevent service interruptions, and scale their infrastructure as ML workloads grow.
  • Amazon Q to help developers easily query and interact with Datadog directly in the AWS Management Console, using natural language.
  • Amazon Bedrock allows teams to monitor their AI models' foundation model (FM) usage, API performance, and error rate with runtime metrics and logs.
  • Amazon SageMaker allows data scientists and engineers to collect, visualize, and alert on Amazon SageMaker metrics so they can flag issues quickly and identify opportunities to improve the performance of ML endpoints and jobs.

"The Datadog LLM Observability solution helps our team understand, debug, and evaluate the usage and performance of our GenAI applications. With it, we are able to address real-world issues, including monitoring response quality to prevent negative interactions and performance degradations, while ensuring we are providing our end users with positive experiences," said Kyle Triplett, VP of Product at AppFolio.

"We explored a bunch of different hosted solutions and found that SageMaker solved all the problems that we were encountering. And we did some stress testing with it, and it held up to the traffic that we expected to be sending through the system," said James Adams, Machine Learning Engineering Manager at Cash App. "With Datadog, it has all these AI integrations—including SageMaker—that we're using heavily."

"andsafe has been all in on Amazon Web Services since day one, and our infrastructure is based on microservices that are running on Amazon EKS," said Marcel Drechsler, Senior Cloud Solutions Engineer at andsafe. "To monitor the resource consumption, we are utilizing the container monitoring tools of Datadog. As a result, we were able to decrease the resource consumption and make the process much faster."

Learn more about how Datadog helps teams monitor every layer of their AWS environments, and visit Datadog at AWS re:Invent 2024 at booths #832 and #1728. Datadog will host a webinar to recap the announcements made at re:Invent.

Cloud SIEM

Datadog today announced its modern approach to Cloud SIEM, which doesn't require dedicated staff or specialized teams to activate the solution. This approach makes it easy for teams to onboard, de-risk migrations, and democratize security practices while disrupting traditional models, which can be costly and resource intensive.

Existing SIEM (security information and event management) solutions face several significant challenges that put security teams at risk. Traditional SIEMs often struggle to integrate data from diverse sources, leading to fragmented visibility and delayed detection and response. As organizations grow and data volumes increase, legacy systems and their required dedicated teams become overwhelmed, resulting in inefficiencies at cloud scale and rising operational costs. The high number of false-positive alerts from these traditional solutions can also lead to alert fatigue, causing critical threats to be overlooked.

Datadog's Cloud SIEM leverages modern architectures and machine learning to address these challenges and emphasize agility, scalability, cost-efficiency, and real-time threat detection. Organizations like Lenovo, FanDuel, Carvana, the University of Alabama at Birmingham (UAB), and Vanilla Technologies rely on this modern approach to rapidly onboard new sources for threat detection, help them prioritize security investigations, and resolve issues quickly.

"Datadog Cloud SIEM's ability to add custom data sources helps the SOC at UAB improve our alerts. Using specific facets, we are able to create high-fidelity alerts and can pivot into investigating and responding seamlessly. This overall has improved our security posture," said Daniel Studdard, Information Security Engineer at the University of Alabama at Birmingham.

As part of Datadog's unified platform, features of Cloud SIEM include:

  • Risk-Based Insights: Teams can correlate real-time signals and findings into entities in order to streamline the way security teams prioritize investigations. Risk scoring includes cloud security management insights such as misconfigurations and identity risks, as well as expanded entity types like S3 buckets, EC2 instances, and SAML and web users, to help teams detect, prioritize, and respond to threats.
  • 15-Month Retention: Datadog offers 15-month retention and Flex Logs with Cloud SIEM to provide customers with a flexible economic model that delivers powerful threat detection capabilities without overspending. This flexible approach allows organizations to scale security operations as needed while optimizing resources, enabling cost efficiency without sacrificing performance.
  • Security Operational Metrics: Cloud SIEM provides deep insights into the performance of security teams, helping to assess how effectively they respond to and resolve threats in cloud environments. These metrics are readily available through pre-built dashboards and detailed reports, offering valuable data such as detection rule coverage, alert response times, and investigation outcomes that help teams continuously optimize their threat response strategies.
  • Content Packs and Out-of-the-Box Integrations: With pre-built detection rules, dashboards, and workflow automation tools tailored to integrations with leading technologies, organizations can leverage out-of-the-box content to accelerate threat detection and response. More than 30 integrations and content packs have been added in the past six months, including Abnormal Security, Atlassian Organization Logs, Cisco Secure Endpoint, Cisco Umbrella DNS, GitLab Audit Logs, Imperva WAF logs, LastPass, Mimecast, SentinelOne, Sophos Central Cloud, Trend Micro Email Security, Trend Micro Vision One XDR, and more.
  • Datadog Security Labs: Backed by Datadog's Threat Detection Research and Engineering team, Cloud SIEM ensures continuous innovation and momentum in threat detection. With unparalleled expertise and data insights, Datadog empowers organizations to not only migrate seamlessly but also stay ahead of emerging threats in today's evolving security landscape.

"Today's security threats require a modern approach that can help teams reliably detect, prioritize, investigate, and resolve issues," said Yash Kumar, Senior Director of Product at Datadog. "Datadog's Cloud SIEM delivers that modern approach with a unified platform for observability and security that provides easy onboarding into the product with out-of-the-box content, deep threat detection, full-stack context, and visualizations."

To learn more about Datadog Cloud SIEM, please visit: https://www.datadoghq.com/product/cloud-siem/.

Deep Cluster- and Query-Level Visibility for MongoDB

Datadog also announced that its Database Monitoring product now observes MongoDB databases. With today's announcement, Datadog Database Monitoring supports the five most popular database types—MongoDB, Postgres, MySQL, SQL Server, and Oracle.

Traditional monitoring tools typically only allow organizations to monitor either their databases or their applications. This can lead to slow and costly troubleshooting that results in frustration from database and application teams, extended downtime, and a degraded customer experience. Datadog Database Monitoring enables application developers and database administrators to troubleshoot and optimize inefficient queries across database environments. With it, teams can easily understand database load, pinpoint long-running and blocking queries, drill into precise execution details, and optimize query performance to help prevent incidents and spiraling database costs.

"Replication failures or misconfigurations can result in significant downtime and data inconsistencies for companies, which may impact their application performance and reliability. That's why maintaining high availability across clusters with multiple nodes and replicas is critical," said Omri Sass, Director of Product Management at Datadog. "With support for the top five database types in the industry, Datadog Database Monitoring gives teams complete visibility into their databases, queries, and clusters so that they can maintain performant databases and tie them to the health of their applications and success of their businesses."

Datadog Database Monitoring helps teams:

  • Ensure high availability of databases: By providing a comprehensive list of database clusters alongside critical metrics like queries per second, reads and writes per second, and replication details, teams can monitor overall cluster performance at a glance, detect potential issues early, and take preventative measures.
  • Optimize query and database performance: Teams track key query performance metrics—like latency, execution time, and volume of data queried—to quickly detect long-running transactions, high-impact blockers, and missing indices while receiving proactive recommendations to fix these issues.
  • Resolve database and application issues faster: By integrating database monitoring and application performance monitoring, Datadog's unified platform correlates health metrics and distributed traces with query metrics and explain plans in one view in order to accelerate root cause analysis of high latency, leading to faster triage and resolution of issues.

MongoDB's document model streamlines the process of building data-driven applications with a developer-friendly query language and a flexible data model that is easy to work with and easy to scale. The newly added support for MongoDB by Datadog Database Monitoring makes it easier for joint customers to maximize performance by optimizing deployment and infrastructure allocation, for example, by analyzing resource usage and overlapping workloads to make the most of available resources.

"As enterprises take advantage of today's increasingly data-intensive workloads, it's critical that they have the tools needed to deploy high-performing applications with complete confidence," said Will Winn, Senior Director of Partners at MongoDB. "Customers trust MongoDB for its superior performance and flexibility, and now that Datadog Database Monitoring supports MongoDB, ensuring high availability and seamless performance of MongoDB database clusters is even easier."

Datadog Database Monitoring's support for MongoDB is now generally available. To learn more, please visit: https://www.datadoghq.com/blog/mongodb-database-monitoring/.