Datadog unveils AI-powered security tools for cloud & code

Datadog has introduced a suite of artificial intelligence security tools designed to detect and mitigate risks across cloud and AI environments.
New AI agent
The company has launched Bits AI Security Analyst, an AI agent that autonomously investigates potential threats and supports teams in managing risks with greater efficiency and accuracy. Integrated into Datadog Cloud SIEM, this agent triages security signals—starting with those generated by AWS CloudTrail—and performs detailed investigations into possible threats. Actionable, context-driven recommendations are then provided to help security teams respond more swiftly.
"AI has exponentially increased the ever-expanding backlog of security risks and vulnerabilities organizations deal with. This is because AI-native apps are not deterministic; they're more of a black box and have an increased surface area that leaves them open to vulnerabilities like prompt or code injection," said Prashant Prahlad, Vice President of Products, Security at Datadog.
"The latest additions to Datadog's Security Platform provide preventative and responsive measures—powered by continuous runtime visibility—to strengthen the security posture of AI workloads, from development to production."
Enhancing code security
Datadog Code Security, now generally available, aims to help developers and security teams detect and prioritise vulnerabilities not just in proprietary code but also within open-source libraries. The platform is specifically designed to uncover issues that may be present in large language model (LLM) integrations and AI-powered code, as these can be difficult to identify using traditional static analysis tools. The solution also uses artificial intelligence to facilitate the remediation of complex problems and ranks risks based on runtime activity and business impact.
Deep integrations with widely-used developer environments, including integrated development environments (IDEs) and GitHub, are intended to allow faster remediation workflows without interrupting established development processes.
Strengthening AI application security
With AI-native applications operating autonomously and often in unpredictable ways, new types of attacks such as prompt injection have become more prevalent. Datadog's updated security offerings include features to help organisations implement stronger security controls through measures such as separation of privileges, finely-tuned authorisation, and data classification throughout their AI application landscape and infrastructure.
Datadog LLM Observability, now also generally available, monitors the integrity of AI models, with tools to identify harmful or toxic behaviours across prompts and responses in enterprise AI applications. Other updates to Datadog Cloud Security support compliance with standards such as the NIST AI framework. This suite can uncover and remediate misconfigurations, unpatched vulnerabilities, and instances of unauthorised data or infrastructure access. The Sensitive Data Scanner, now supporting AWS S3 and RDS instances in preview, helps prevent personal or sensitive information from inadvertently being incorporated in LLM training data or inference processes.
Monitoring runtime risks
The complexity of AI-based applications increases the challenge for security analysts to manage alerts, distinguish credible threats from benign signals, and respond in a timely manner. According to Datadog, AI applications are at particular risk of attacks that could lead to resource exhaustion or financial damage if not detected early.
Bits AI Security Analyst is designed to reduce the workload on Security Operations Centres by providing initial investigations and filtering for more relevant threats. The new solution aims to enable teams to act on rich context and prioritised guidance so they can focus resources where they matter most.
Additional updates include Datadog Workload Protection, which now features LLM Isolation capabilities in preview. This enables continuous monitoring of interactions between LLMs and their host environments, helping to detect and prevent exploitation of vulnerabilities while enforcing controls to protect production AI models.
Datadog's new security features encompass Code Security, updated Cloud Security tools, Sensitive Data Scanner, Cloud SIEM, Workload and Application Protection, and expanded abilities within LLM Observability. These updates are designed to give organisations multiple layers of risk mitigation as they increasingly deploy AI in critical workflows.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

NZ Herald

7 hours ago

• NZ Herald

Hawke's Bay runner plans marathon for 115 women killed on runs

Why US$42b DataDog is going all in on AI The enterprise software company DataDog is investing almost US$1b a year into artificial intelligence.

Techday NZ

5 days ago

• Techday NZ

Secure Code Warrior unveils free AI security rules for developers

Secure Code Warrior has released AI Security Rules on GitHub, offering developers a free resource aimed at improving code security when working with AI coding tools. The resource is designed for use with a variety of AI coding tools, including GitHub Copilot, Cline, Roo, Cursor, Aider, and Windsurf. The newly available rulesets are structured to provide security-focused guidance to developers who are increasingly using AI to assist with code generation and development processes. Secure Code Warrior's ongoing goal is to enable developers to produce more secure code from the outset when leveraging AI, aligning with broader efforts to embed security awareness and best practices across development workflows. The company emphasises that developers who possess a strong understanding of security can potentially create much safer and higher-quality code with AI assistance, compared to those who lack such proficiency. Security within workflow "These guardrails add a meaningful layer of defence, especially when developers are moving fast, multitasking, or find themselves trusting AI tools a little too much," said Pieter Danhieux, Secure Code Warrior Co-Founder & CEO. "We've kept our rules clear, concise and strictly focused on security practices that work across a wide range of environments, intentionally avoiding language or framework-specific guidance. Our vision is a future where security is seamlessly integrated into the developer workflow, regardless of how code is written. This is just the beginning." The AI Security Rules offer what the company describes as a pragmatic and lightweight baseline that can be adopted by any developer or organisation, regardless of whether they are a Secure Code Warrior customer. The rules are presented in a way that reduces reliance on language- or framework-specific advice, allowing broad applicability. Features and flexibility The rulesets function as secure defaults, guiding AI tools away from hazardous coding patterns and well-known security pitfalls such as unsafe use of functions like eval, insecure authentication methods, or deployment without parameterised queries. The rules are grouped by development domain—including web frontend, backend, and mobile—so that developers in varied environments can benefit. They are designed to be adaptable and can be incorporated with AI coding tools that support external rule files. Another feature highlighted is the public availability and ease of adjustment, meaning development teams of any size or configuration can tailor the rules to their workflow, technology stack, or project requirements. This is intended to foster consistency and collaboration within and between development teams when reviewing or generating AI-assisted code. Supplementary content The introduction of the AI Security Rules follows several recent releases from Secure Code Warrior centred around artificial intelligence and large language model (LLM) security. These include four new courses—such as "Coding With AI" and "OWASP Top 10 for LLMs"—along with six interactive walkthrough missions, upwards of 40 new AI Challenges, and an expanded set of guidelines and video content. All resources are available on-demand within the Secure Code Warrior platform. This rollout represents the initial phase of a broader initiative to provide ongoing training and up-to-date resources supporting secure development as AI technologies continue to be integrated into software engineering practices. The company states that additional related content is already in development and is expected to be released in the near future. Secure Code Warrior's efforts align with increasing industry focus on the intersection of AI and cybersecurity, as the adoption of AI coding assistants becomes widespread. The emphasis on clear, practical security rules is intended to help mitigate common vulnerabilities that can be introduced through both manual and AI-assisted programming. The AI Security Rules are publicly available on GitHub for any developers or organisations wishing to incorporate the guidance into their existing development operations using compatible AI tools.

Scoop

13-06-2025

• Scoop

Datadog Expands Log Management Offering With New Long-Term Retention, Search And Data Residency Capabilities

Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, today at DASH announced new capabilities in its log management suite, which are designed to help organisations optimise logging costs at scale and meet the stringent data retention, auditability and data residency requirements of regulated industries. Logs are critical for threat detection, incident response and audit trails. However, lack of flexibility, high costs and data retention limitations remain roadblocks for security and compliance teams. Financial services, healthcare and insurance companies face similar challenges, having to comply with regulations and maintain full control over sensitive operational data, including their logs. Likewise, organisations operating under regional data residency laws or internal security policies are often required to store data within controlled environments, whether on-premises or in-region cloud infrastructure. These organisations need to remain compliant while having a scalable and efficient log management strategy. Traditional solutions, however, often introduce high costs, operational overhead and fragmented workflows. At its DASH conference in 2023, Datadog launched Flex Logs, which has since become one of its fastest-growing products. Flex Logs decouples the costs of log storage from the costs of querying. It provides both short- and long-term log retention for a nominal monthly fee without sacrificing visibility, enabling streamlined correlation between all of an organisation's logs, metrics and traces. To help companies meet data residency regulations, policies and preferences—while further optimising cost and efficiency—Datadog has launched new log management capabilities that build on the foundation set by Flex Logs. Datadog's latest enhancements enable organisations to support modern SIEM and security workflows while maintaining full visibility, cost consciousness and operational efficiency: Archive Search queries logs from customer-owned cold storage without requiring re-indexing. Archived logs can be searched the same way as logs under retention in the Log Explorer without introducing new tools or extra training. Datadog keeps the user experience consistent, regardless of the age of logs. Flex Frozen is a new storage tier extending log retention to over seven years, eliminating the need for managing and securing external archives. Built for audit-heavy, compliance-driven environments, Flex Frozen simplifies data retention by keeping logs inside Datadog in order to reduce overhead, simplify reporting and analytics, and improve accessibility. CloudPrem enables enterprises to deploy Datadog's indexing and search capabilities within their own infrastructure. Whether it's due to regional data residency laws or internal compliance mandates, customers can now keep their logs local—while continuing to use the Datadog UI and workflows they trust. 'As compliance standards grow more complex and global data regulations tighten, organisations face mounting pressure to retain log data longer, search it faster and keep it where it belongs,' said Michael Whetten, VP of Product at Datadog. 'With today's launches, Datadog makes it easier to manage logs, control their costs and stay compliant without sacrificing performance, accessibility or the user experience.'