Today, we’re happy to announce Datadog Security Labs, a dedicated place for Datadog to publish security research content for the community. On Security Labs, you’ll see the release of new open source tools, research projects, emerging threat reports, deep dives, telemetry studies, tips, videos, and more.
We envisioned a one-stop shop to share actionable, practitioner-focused content in order to help others better understand security, implement best practices, and navigate the rapid pace of security news. We want Security Labs to be in your top set of cloud security bookmarks, where you can read about the latest news and research directly from our experts and security professionals.
Some highlights of our previous work include:
- Open-sourcing Stratus Red Team, a cloud-native threat emulation tool
- Sharing a repository of purposely vulnerable applications with the community to empower organizations to better understand and reproduce popular exploits, such as Spring4Shell or the Confluence CVE-2022-26134 OGNL vulnerability
- Our advisory on the Dirty Pipe vulnerability, along with how to detect exploitation and a proof of concept for leveraging it to break out from containers
- Our advisory on the Log4Shell vulnerability, along with how to reproduce exploitation and examples of exploitation attempts in the wild
We’re excited about the road ahead and can’t wait to share more tooling, insights, and stories from the trenches with the community!
You can also subscribe to our monthly newsletter to receive our latest research in your inbox.
