Datadog Application Vulnerability Management is now generally available! Learn how you can uncover high-impact vulnerabilities from open-source libraries exposed in production: dtdg.co/application-vu…

We just released Datadog, Inc. “State of Application Security” report! Discover how Datadog in-app context helps to better prioritize vulnerabilities (reducing count of critical by 97%) or to drastically increase signal to noise ratio (proving that 74% attacks are harmless)!

Vulnerability management is an industry's challenge. Using extra information such as the presence of attacks, we can adjust vulnerability score to your runtime context, and show that only 3% critical vulnerabilities are worth prioritizing. Read more here datadoghq.com/state-of-appli…

Using data from thousands of services we see that the more dependencies, the highest is the risk to face critical vulnerabilities. True for Python, Node.js, Java... but not for .Net! Because .Net has much less vulnerabilities than other languages. More on datadoghq.com/state-of-appli…

We can prove when attacks are unsuccessful, and that concerns 74% of them! For instance, an SSRF attack on a request that don't perform HTTP, a PHP attack on a Node.js application, ... see more on datadoghq.com/state-of-appli…

Cloud Security Lounge #2 is out! We discuss detecting and preventing account takeover attacks with @techyteachme, a threat intel professional using his economic and criminal knowledge of cybercrime to give a new perspective on the matter youtube.com/watch?v=pJ0TNV…

I had an insightful discussion last week with Sacha Faust about security inventories. They enable engineering accountability from a security standpoint. I'll release it this week, stay tuned!

Cloud Security Lounge #3 is out! I discuss security inventories with Sacha Faust, director of security engineering @Grammarly. He open sourced one of the first Lyft with alex chantavy. Cloud and graph databases made them possible, spread security accountability made them useful!

Tune in to our newest episode of Cloud Security Lounge! This week, we are joined by Michael Dawson and exploring security in the Node.js ecosystem: dtdg.co/3C3pbtW #appsec #nodejs #cloudsecurity

Thanks Chris Romeo and the The Application Security Podcast - always a pleasure to chat with security experts about this: we've been surprised by the same data points! Hint: 3/4 of attacks are mistargeted!

I'll be talking Application security with industry legends Avi Douglen and Jb Aviat this Thursday. Sign-up for the livestream here datadoghq.com/event/applicat…

Curious about the most common ways for attackers to initiate cloud breaches? Chris Farris (@[email protected]) chats with us about the latest trends in cloud security, especially those reflected at #fwdcloudsec! Tune in here: youtube.com/watch?v=swoT2t…

We interviewed Chris Farris (@[email protected]) days before fwd:cloudsec about cloud security. Our key takeaways: The lines are blurring: beyond infra security towards business logic. Chris best cloud security advice: get rid of your access keys! Concrete case: the LastPass breach. tune in here 👇

CVSS powers any vulnerability and yet most people don't get it. The version 4 of CVSS now makes it more intelligible! We discussed it with Matthew Coles, along with other ways to spot what vulnerabilities really matter to your context using CVSS.

Another episode of the Datadog, Inc. Cloud Security Lounge with Matthew Coles, Izar Tarandach and Jb Aviat . No BS, no hidden agenda, just great folks and great security chats! youtube.com/watch?v=AC6x9J…

This was a lot of fun! Tune in to this wonderful conversation with Jb Aviat and Izar Tarandach on the Datadog, Inc. podcast. We chatted about all things LLMs, security, Gandalf, and everything in between.

1/2 Interested in @w_conviction’s AI startup accelerator, Embed? Q&A hangout w/me and @prnvrdy Thursday 8/3 5:30-8p @ our SF office

🔮 The human-computer-interface trust paradox also applies to LLMs. Here's another snippet of my LLM security chat with Jb Aviat and Izar Tarandach on the Data podcast, discussing why you shouldn't rely on humans in sensitive LLM applications at scale.

🚀 Excited to launch the 8th edition of our CTO Meetup in Paris. We're opening 10 tickets to the public, apply here: bit.ly/3LtFMf9 Join about 100 CTOs, VPs of Engineering & VPs of Product from leading tech startups in Paris and from our portfolio across Europe for a