Turn any signal into insight and action. See how PagerDuty Digital Operations Management Platform integrates machine data and human intelligence to improve visibility and agility across organizations.
Connect insights to real-time action by aligning teams through the shared language of business impact.
Check out the latest products we’ve been working on—including event intelligence, machine learning, response automation, on-call, analytics, operations health management, integrations, and more.
Digital Operations Management arms organizations with the insights needed to turn data into opportunity across every operational use case, from DevOps, ITOps, Security, Support, and beyond.
Over 300 Integrations
Discover DevOps best practices with our library of webinars, whitepapers, reports, and much more.
Learn best practices and get support help with resources from our award-winning support team.
See how PagerDuty works with our live product demo — twice a week, every week.
Join live and on-demand webinars for product deep dives, industry trends, configuration training, and use case-specific best practices.
Interactive, simple-to-use API and technical documentation enables users to easily try updates and extend PagerDuty.
Engage with users and PagerDuty experts from our global community of 200k+ users. Become a member, connect, and share insights for success.
Get all your PagerDuty-related questions answered by exploring our in-depth support documentation and community forums.
“I need to be notified if there’s a significant event ongoing with SignalFx.” This is what I tell my team. However, despite being the CTO...
PagerDuty helps organizations transform their digital operations. Learn more about PagerDuty's mission and what we do.
Meet our experienced and passionate executive team.
We are risk-taking innovators dedicated to delivering amazing products and delighting customers. Join us and do the best work of your career.
With the PagerDuty Foundation, we are committed to doing our part in giving back to the community.
Datadog provides a monitoring platform that enables teams to ensure that their cloud applications provide the best possible user experience. To help achieve this, Datadog also embraces DevOps, working in an agile manner to constantly innovate and rapidly deliver new features and enhancements to their customers.
This DevOps approach means that Datadog engineers make frequent updates to the infrastructure, which can cause alarm for its security team if the engineers fail to work closely with them. To avoid miscommunication and ensure that releases have security built in, Datadog involves its security team during development. In fact, Datadog is at the forefront of a growing trend called DevSecOps.
In August 2016, the company adopted PagerDuty as an integral component of its digital operations management. Today, in addition to using PagerDuty to support engineering teams with business continuity and disaster recovery (BC/DR), Datadog uses PagerDuty to notify its information security team of events that require an immediate response.
Embracing a New Approach to Scale Security
Datadog is an agile, operations-focused organization with hundreds of engineers distributed around the globe. In many organizations, information security teams are typically siloed from the rest of the development teams, which can often delay production releases due to validation processes during security code reviews. But Datadog knew this approach had to go. “Security wasn’t going to work if it was outside of the development organization, just trying to swoop in when things go sideways,” explained Andrew Becherer, Datadog’s Chief Security Officer.
Because it views security as another aspect of quality, Datadog embeds its security operations and development functions into the organization as a whole. “It behooves security to use the same tools, use the same methods, and bring the same types of technologies to bear in solving the problems faced by the rest of the development organization,” Becherer shared.
By extension, when it comes to vulnerability management, Datadog’s security team tracks issues in much the same way that its developer teams track issues, and security alerting and response follow a similar workflow as other teams within Datadog. “It’s uncommon that security teams at other companies are using PagerDuty in the capacity in which we’re using it,” said Becherer.
Validating Code Changes on Amazon Web Services (AWS)
Datadog is completely cloud-based, leveraging a range of AWS services to run code. With over 15 AWS accounts to manage everything from staging to production, keeping track of authorized changes to code can become quite complex. To validate changes, Datadog leverages ChatOps, integrating Slack, Duo Security, and PagerDuty. When a developer makes a potentially dangerous change to AWS, the security team sends a Slack message to the developer to validate the action. The developer confirms the code push via Slack and through two-factor authentication from Duo. If the developer does not reply in a timely manner or does not confirm the code change, PagerDuty sends an alert to the security team to escalate the response. If a change exceeds a certain threshold of risk, then either the security team is notified immediately via PagerDuty or automated AWS configuration management logic reverts the change to a trusted state.
In short, developers are constantly making changes to each AWS instance, but it’s up to the security team to determine whether or not changes are authorized across tens of billions of API calls per year on AWS.
Enabling Agile Security and Development With PagerDuty
Like other companies, Datadog’s security organization is deeply concerned about the time it takes to remediate security vulnerabilities. Rather than having to parse through audit logs to understand what happened, Datadog connects its developer teams to security as quickly as possible. By using PagerDuty, Datadog has reduced the overall time required to resolve such issues.
PagerDuty also provides visibility into security incidents to developers and engineers so that they can get immediate feedback on their actions if the security team deems them risky. “Developers are trying to solve a problem and they make a change [to address that problem],” explained Becherer. “You want to provide feedback as quickly as possible in that moment because they’re going to move on to something completely different [right after making that change].”
For example, in one recent security event, PagerDuty quickly escalated a security issue that occurred when a Datadog sales rep was preparing to give a demo. “Because of PagerDuty, we were able to connect a security engineer with our engineers within minutes,” recounted Becherer. “That’s solid gold. That’s where we have to be.”
“It behooves security to use the same tools, use the same methods, and bring the same types of technologies to bear in solving the problems faced by the rest of the development organization.”
600 Townsend St., #200
San Francisco, CA 94103
905 King Street West, Suite 600
Toronto, ON, M6K 3G9, Canada
1416 NW 46th St., St. 301
Seattle, WA 98107
5 Martin Place
1 Fore St,
London EC2Y 9DT
© 2009 - 2018