
Automate identity protection, threat containment, and threat intelligence with Datadog SOAR workflows

Blog post from Datadog

Post Details
Company:
Date Published:
Author: Vera Chan, Eitan Moriano, Nicole Parisi, Amber Tunnell
Word Count: 1,541
Language: English
Hacker News Points: -
Summary

Datadog has expanded its Security Orchestration, Automation, and Response (SOAR) solution to bring security automation directly into Datadog Cloud SIEM. Prebuilt, customizable blueprints enable teams to automate key security workflows, enriching, triaging, escalating, and responding to threats without manual effort. Integrated case management streamlines collaboration, while out-of-the-box blueprints help standardize responses to common threats like unauthorized access or malware detection. New SOAR workflows include Identity and Access Management (IAM) workflows that automate responses to suspicious logins and account compromises, Endpoint Detection and Response (EDR) workflows that speed up the investigation and containment of endpoint threats, and Threat Intelligence Enrichment workflows that enrich alerts with external data so teams can prioritize and respond more effectively. Each SOAR blueprint is fully customizable, allowing teams to tailor automation to their environment by modifying steps or conditions to match their processes. Automation reduces response times, improves incident handling, and enables teams to focus on stopping real attacks.