Datadog launches Application Security Monitoring. The solution blocks attacks on vulnerabilities in APIs and web applications, including server-side request forgeries (SSRFs), SQL injections and cross-site scripting (XSS).
According to research by Forrester, applications are one of the most prominent causes of successful cyberattacks. APIs, open-source libraries and containers make application security increasingly complex. More and more cybercriminals focus on finding vulnerabilities in code.
When an application runs in a legacy environment, a single vulnerability can prove enough to breach a network. Datadog aims to tackle the problem with Application Security Monitoring (ASM), a solution for developers, operations and security professionals.
Datadog Application Security Monitoring
ASM monitors APIs and apps to identify attacks. Common attack types immediately float to the surface, including SSRFs, SQL injections and cross-site scripting. The IP addresses of suspicious traffic are prioritized. ASM lays out attacks in detailed steps, providing developers with a guideline for improving vulnerable applications.
The solution is agent-based. Adding the Datadog library to an application connects the app to the system. Datadog uses the same library as an agent for Datadog Application Performance Monitoring (APM), an existing monitoring tool. Organizations that presently work with APM do not need to deploy a new agent.
Datadog ASM integrates with Datadog’s cloud security portfolio, including Cloud Security Posture Management (CSPM) and Cloud Workload Security (CWS). Threat intelligence from the latter solutions is available. One of the advantages is that Datadog ASM can rapidly respond to known, suspicious IP addresses.
Datadog tackles an important problem. Research by Salt Security shows that the number of API attacks has increased by almost 700 percent in the past year. API security solutions are highly needed, but regularly leave something to be desired. Some organizations assume that Web Application Firewalls and API Gateways offer sufficient protection. Both measures block suspicious traffic, but fail to solve the underlying problem.
Vulnerabilities in APIs regularly arise from misconfigurations. Vulnerabilities in applications regularly stem from the source code. Datadog ASM traces the steps of an attacker to guide developers in developing a more secure product. Salt Security and Noname Security are successfully tackling the problem as well.