Datadog helps us detect attacks against our serverless applications, and triggers an automated response to block those attempts as they happen. App and API Protection was simple to enable and further configure to meet our needs.
Micha Katz
CISO, Yellow Card
Feature Overview
Datadog App & API Protection helps Security and DevOps teams secure APIs with unified visibility, posture management, and runtime protection. Unlike traditional Web Application Firewalls or niche API security solutions, Datadog delivers scalable, code-aware security using the same platform teams already trust for observability.
Comprehensive API Security
- Continuously discover and monitor all APIs—including undocumented and shadow APIs
- Detect OWASP API Top 10 risks and leverage integrations (code ownership, tagging) for effective remediation
- Protect API endpoints by blocking specific IPs, users, or requests
Protect Against Runtime Threats
- Visualize how attacks propagate across services with end-to-end attack flows
- Investigate easily by pivoting to related stack traces, errors, and logs
- Block malicious requests, users, or IPs in real time, at the edge or in-app
Defend Against Business Logic Abuse
- Instrument sensitive flows (login, checkout, account recovery) in minutes
- Detect and respond to attacks like Account Takeover and Credential Stuffing
- Filter out noise with built-in rules that prioritize real business risks
Flexible Deployment and Protection
- Choose between in-app tracer-based or and perimeter-based deployment options
- Block threats at the Edge (WAF, CDN, Load Balancer, Reverse Proxy) or in-app service layer using Datadog’s integration and control plane