Datadog Workload Protection is helping Zulily with our PCI compliance. File Integrity Monitoring in particular is a standout. Additionally, the insights we get into the security of our Docker and Kubernetes environments will help us find and fix issues faster in the future.
Daniel Kasen
Lead Software Engineer, Zulily
Feature Overview
Datadog Workload Protection performs deep, in-kernel analysis of workload activity across your Linux and Windows hosts and containers to uncover threats. Datadog researches, develops, and packages out-of-the-box threat detection, with the ability to customize security rules to extend coverage to your whole environment. Workload Protection uses your existing Datadog Agent, so you can get started in minutes.
Deep workload activity monitoring
- Uncover threats in your hosts and containers with performant, in-kernel analysis of your Windows and Linux workload activity
- Examine and triage security alerts with full file and process context
- Detect threats at runtime with real-time, continuous monitoring
- Gain unparalleled visibility into your workloads with support for most major Linux distributions, Windows Servers, AWS Fargate, Docker, and containerd
Turn-key workload threat detection
- Leverage curated out-of-the-box workload threat detection rules researched, developed, and maintained by Datadog
- Start immediately with baseline rules automatically included in the Datadog Agent
- Write custom detection rules to extend your coverage based on unique aspects of your environment
Start quickly, scale efficiently
- Get started in minutes by activating Workload Protection on the unified Datadog Agent
- Reduce complexity for your operations team by leveraging the same monitoring platform they’re familiar with
- Increase operational efficiency and reduce total cost of ownership through Datadog’s 900+ integrations
Superior File Integrity Monitoring
- Detect problems as they crop up and maintain critical file controls in real time with Datadog File Integrity Monitoring (FIM)
- Collect file change events using the existing Datadog Agent to ensure scalability and minimal resource overhead
- Get deep visibility into file activity across your entire environment with full support for both containers and hosts