DDOG announces Security Monitoring

Announced Security Monitoring, a new product that enables real-time threat detection across the entire stack and deeper collaboration between security, developers, and operations teams.

Modern security teams work closely with developers and operations as they build new products, to help them protect against threats in cloud-native environments. At the same time, security teams increasingly require the same visibility that developers and operations do. To address these challenges, Datadog’s Security Monitoring product processes monitoring data from the infrastructure, the network, applications, and security devices to surface potential threats. With threat detection rules directly operating in real-time on ingested streams, Datadog’s Security Monitoring maximizes coverage without any of the traditionally associated performance or cost concerns.

Our customers are moving into a world in which security must become a shared responsibility across engineering teams to address the increased complexity and scale of their environments. We built Security Monitoring to break down silos between security professionals and their DevOps peers, and provide real-time threat detection in modern hybrid cloud environments.

Datadog Security Monitoring provides powerful threat detection with the following capabilities:

Unique Security Insights: Observability data, including infrastructure metrics, traces, and logs from Datadog’s 350+ existing integrations, and security-related integrations including AWS GuardDuty, AWS CloudTrail, Okta, Google Suite, and others – combined in one platform to provide high fidelity security signals.

Out-of-the-Box and Editable Threat Detection Rules: Rules curated by Datadog to detect widespread attacker techniques, so users can get started in minutes, without professional services. Users can also write and fine-tune their own rules without learning a proprietary query language.

Real-Time Detection “Without Limits”: Rules are applied in real-time, as logs and events are ingested, with no prerequisite to index them.

Collaborative Investigations with Existing Tools: Email, Slack, PagerDuty, JIRA, ServiceNow, etc. Reach developers and security users where they already work.

Datadog’s Security Monitoring brings greater visibility with one centralized platform shared by development, operations, and security teams.


Man, they are a fast moving company on a mission.

Looks like a really good out of the box product. Here’s the blog from the company with some more granular looks.


It seems like a great product all around. They will continue to succeed.

Splunk just had a great report (for them). This space (observability & monitoring) seems to be a rapidly growing space.


Gonna ask the dumb question here, well the lazy one,

DDOG is built off ESTC
ESTC gets new security later
DDOG announces new security layer
Did DDOG just repackage ESTC security?

Just a Fool


Did DDOG just repackage ESTC security?

No, Datadog’s security product is of their own making. They use ES in their infrastructure as the datastore to index and search the data ingested from the Datadog Proprietary Agents installed. They use other open source tools as well, like Kafka. And the product they sell is the Datadog dashboards for visualization, alerting, ML, and other features. But to be clear, they are not reselling Elasticsearch in any way. Certainly not any more than Uber or Lyft or GrubHub do in their final product. They just use it in the stack that delivers a Proprietary Software Product. Even if it is core to the infrastructure.

You can see a visualization of what the Datadog stack looks like (at least at the time) here:


The security for the Elastic Stack is layered into various subscription levels. But none of them are in a license which could be repackaged and sold as a solution.

But it is further evidence of the convergence of these use cases, which ESTC has been talking about for some time.



Hi Darth:

For those of us who are less technical, I have a few questions.

  • What are the ESTC and DDOG use cases that are converging? The dashboard displaying data in one view?
  • I infer from your post that ESTC and DDOG work together. Am I right?
  • If they do, how does this impact ESTC and DDOG’s bottom line?
  • If they work together, do the synergies point to a future merger?

Thanks for posting the deck. Even though I am not technical it is nice to have access to this resource to try to learn these concepts, like the notion of a software stack, the use of open source tools and ofc differentiating the security capabilities of ESTC and DDOG.

First time poster. I am grateful for this board. Thank you Saul and to all of those who provide well informed insight into these stocks.


As a side note, the use of Elasticsearch in cloud environments as part of the ELK (Elasticsearch, Logstash, Kibana) group to collate and centralise logging data in distributed systems is pretty standard. Good to see DDOG making use of it.

I do wonder how ESTC will make money as I don’t see much value add on top of the already incredible, free search engine.

Long DDOG, no position ESTC.