The Datadog Security Platform team leverages Serverless to ingest security events across many different cloud providers, deployment platforms, and devices. These security events are then transformed and shipped to a data lake to help defend and protect the platform as a whole. Once there, these ingested events are used to drive internal investigations, create internal security alerts, and reason about security incidents.

In this episode of Datadog on Serverless, David Huie, Team Lead - Security Engineering and Andrew Krug, Technical Evangelist - Security, will join Kirk Kaiser, Technical Evangelism Team Lead. They will talk about the tradeoffs we’re making within the Serverless ecosystem and platform. From deciding when to use Fargate or Lambda, to how well lambda fits within a larger open source ecosystem, we’ll touch upon real world lessons learned from shipping Serveress systems at scale.

00:00 - Datadog on Serverless
00:56 - Intro to Datadog and Sense of Scale
02:50 - How Datadog Detects and Reacts to Security Events
05:59 - An example incident at Datadog
09:15 - How Security Teams Are Organized at Datadog
10:18 - Security Platform
16:27 - Active Defense
19:26 - Why Datadog Chose Serverless
22:17 - How Datadog Works with Serverless
36:10 - How Datadog is Scaling Serverless
38:51 - Q&A