Datadog Cloud Security Management (CSM) offers actionable insights to detect cross-account access risks in AWS environments. The platform continuously scans the entire infrastructure for misconfigurations, identity risks, vulnerabilities, and compliance issues, including IAM roles with administrative privileges that pose a risk to cloud environments. These roles can be assumed by entities, allowing attackers to pivot from one account to another, gain admin-level access, and potentially access sensitive data. Datadog's CSM Identity Risks provides visibility into these risks, flagging entities that have the ability to assume another role, including EC2 instances, and offering recommendations for adjusting affected access and permission policies, with direct navigation to the AWS Console.