Security Labs

  • ARTICLES
  • CLOUD SECURITY ATLAS
  • ABOUT
  • writing

    June 1, 2023

    Misconfiguration Spotlight: Securing the EC2 Instance Metadata Service

    Misconfiguration Spotlight: Securing the EC2 Instance Metadata Service
  • writing

    May 23, 2023

    Container security fundamentals part 4: Cgroups

    Container security fundamentals part 4: Cgroups
  • writing

    May 16, 2023

    Attacking and securing cloud identities in managed Kubernetes part 1: Amazon EKS

    Attacking and securing cloud identities in managed Kubernetes part 1: Amazon EKS
  • emerging threats

    May 10, 2023

    The OverlayFS vulnerability CVE-2023-0386: Overview, detection, and remediation

    The OverlayFS vulnerability CVE-2023-0386: Overview, detection, and remediation
  • open source software

    May 2, 2023

    Introducing HASH: The HTTP Agnostic Software Honeypot framework

    Introducing HASH: The HTTP Agnostic Software Honeypot framework
  • research

    April 24, 2023

    An Adventure in Google Cloud threat detection

    An Adventure in Google Cloud threat detection
  • writing

    April 17, 2023

    Container security fundamentals part 3: Capabilities

    Container security fundamentals part 3: Capabilities
  • writing

    April 12, 2023

    What's new for security in Kubernetes 1.27

    What's new for security in Kubernetes 1.27
  • open source

    March 30, 2023

    Identify and remediate common cloud risks with the Datadog Cloud Security Atlas

    Identify and remediate common cloud risks with the Datadog Cloud Security Atlas
  • research

    March 20, 2023

    Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research

    Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research
  • writing

    March 13, 2023

    Container security fundamentals part 2: Isolation & namespaces

    Container security fundamentals part 2: Isolation & namespaces
  • writing

    February 23, 2023

    Container security fundamentals: Exploring containers as processes

    Container security fundamentals: Exploring containers as processes
  • writing

    February 17, 2023

    Highlights from CloudNativeSecurityCon

    Highlights from CloudNativeSecurityCon
  • open source software

    February 14, 2023

    Announcing GuardDog 1.0, with npm support, new heuristics, and easier CI integration

    Announcing GuardDog 1.0, with npm support, new heuristics, and easier CI integration
  • research

    February 6, 2023

    Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console

    Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console
  • research

    January 17, 2023

    AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass

    AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
  • open source software

    December 29, 2022

    Datadog Security Labs 2022 in review: Highlights from our inaugural year

    Datadog Security Labs 2022 in review: Highlights from our inaugural year
  • research

    December 21, 2022

    A retrospective on public cloud breaches of 2022, with Rami McCarthy and Houston Hopkins

    A retrospective on public cloud breaches of 2022, with Rami McCarthy and Houston Hopkins
  • writing

    December 6, 2022

    What's new for security in Kubernetes 1.26

    What's new for security in Kubernetes 1.26
  • writing

    December 1, 2022

    Attacker persistence in Kubernetes using the TokenRequest API: Overview, detection, and prevention

    Attacker persistence in Kubernetes using the TokenRequest API: Overview, detection, and prevention
  • emerging threats

    November 23, 2022

    Investigating a backdoored PyPi package targeting FastAPI applications

    Investigating a backdoored PyPi package targeting FastAPI applications
  • research

    November 21, 2022

    A confused deputy vulnerability in AWS AppSync

    A confused deputy vulnerability in AWS AppSync
  • open source software

    November 15, 2022

    Finding malicious PyPI packages through static code analysis: Meet GuardDog

    Finding malicious PyPI packages through static code analysis: Meet GuardDog
  • emerging threats

    November 1, 2022

    The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation

    The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation
  • writing

    October 14, 2022

    KubeHuddle: The first Scottish Kubernetes conference

    KubeHuddle: The first Scottish Kubernetes conference
  • research

    October 11, 2022

    Improving your AWS Security posture: Key learnings from the State of AWS Security study

    Improving your AWS Security posture: Key learnings from the State of AWS Security study
  • research

    October 5, 2022

    State of AWS Security in 2022: A look into real-world AWS environments

    State of AWS Security in 2022: A look into real-world AWS environments
  • writing

    September 28, 2022

    Highlights from BSides Zürich

    Highlights from BSides Zürich
  • writing

    September 8, 2022

    Highlights from Hacker Summer Camp

    Highlights from Hacker Summer Camp
  • writing

    September 7, 2022

    What's new for security in Kubernetes 1.25

    What's new for security in Kubernetes 1.25
  • writing

    August 18, 2022

    Highlights from fwd:cloudsec and re:Inforce 2022

    Highlights from fwd:cloudsec and re:Inforce 2022
  • open source software

    August 13, 2022

    Introducing Threatest, a Go framework for end-to-end testing of threat detection rules

    Introducing Threatest, a Go framework for end-to-end testing of threat detection rules
  • writing

    August 4, 2022

    Datadog's guide to Hacker Summer Camp

    Datadog's guide to Hacker Summer Camp
  • open source software

    July 7, 2022

    Welcome to Datadog Security Labs

    Welcome to Datadog Security Labs
  • emerging threats

    June 7, 2022

    The Confluence RCE vulnerability (CVE-2022-26134): Overview, detection, and remediation

    The Confluence RCE vulnerability (CVE-2022-26134): Overview, detection, and remediation
  • emerging threats

    April 1, 2022

    The Spring4Shell vulnerability: Overview, detection, and remediation

    The Spring4Shell vulnerability: Overview, detection, and remediation
  • emerging threats

    March 25, 2022

    Escaping containers using the Dirty Pipe vulnerability

    Escaping containers using the Dirty Pipe vulnerability
  • emerging threats

    January 28, 2022

    The PwnKit vulnerability: Overview, detection, and remediation

    The PwnKit vulnerability: Overview, detection, and remediation
  • emerging threats

    January 28, 2022

    The Dirty Pipe vulnerability: Overview, detection, and remediation

    The Dirty Pipe vulnerability: Overview, detection, and remediation
  • open source software

    January 27, 2022

    Elevate AWS threat detection with Stratus Red Team

    Elevate AWS threat detection with Stratus Red Team
  • emerging threats

    December 14, 2021

    The Log4j Log4Shell vulnerability: Overview, detection, and remediation

    The Log4j Log4Shell vulnerability: Overview, detection, and remediation

work with us

We're always looking for talented people to collaborate with

featured positions

  • Director, Engineering - Production Security

    Security - Engineering

  • Detection Engineer 2 - CSM

    Security - Engineering

  • Engineering Manager I, Core Security Response

    Security - Engineering

  • Engineering Manager I- Detection Engineering

    Security - Engineering

  • Security Software Engineer

    Security - Engineering

  • Senior Security Analyst - Federal Programs

    Security - Engineering

We have 14 positions

© Datadog 2023

  • TERMS
  • PRIVACY
  • COOKIES
  • twitter
  • rss