OOTB Rules

Docs > Datadog Security > OOTB Rules

Datadog provides out-of-the-box (OOTB) detection rules to flag attacker techniques and potential misconfigurations so you can immediately take steps to remediate. Datadog continuously develops new default rules, which are automatically imported into your account, your App and API Protection library, and the Agent, depending on your configuration.

Datadog's Security Research team continuously adds new OOTB security detection rules. While the aim is to deliver high-quality detections with the release of integrations or other new features, the performance of these detections at scale often needs to be observed before making the rule generally available. These rules contain a Beta tag. This gives Datadog's Security Research team time to either refine or deprecate detection opportunities that do not meet Datadog's standards.

Click the following buttons to filter the detection rules. Security detection rules are available for:

App and API Protection
Cloud SIEM (log detection and signal correlation)
Cloud Security Misconfigurations (cloud and infrastructure)
In Cloud Security, rules with the infrastructure label are applicable to Agent installations.
Workload Protection
Cloud Security Identity Risks
Attack Paths