Trust Center

We also identified a small number of customer API keys (used to send data to Datadog) in an exposed repository, and have contacted the affected customers directly advising them to disable and rotate these keys.

We are aware of the access by an unauthorized third party to a number of Datadog source code repositories. As part of our response, we identified the employee account that was compromised, secured access to the impacted repositories and verified that there was no access to our corporate network, customer environments or any datastore used to host our customer’s observability data.

We're pleased to announce that summaries of Datadog's and Cloudcraft's 2024 penetration tests (as performed by NCC Group) are available on our security portal. These summaries are accompanied by Letters of Assessment. Please review the summaries and Letters of Assessment at your convenience.

In response to the recently discovered CUPS Zero-Day Vulnerabilities (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177), Datadog is conducting an internal investigation. If we are vulnerable, we intend to patch our environment in adherence with our Vulnerability Management process. Our process and remediation timelines are outlined in our Vulnerability Management at Datadog white paper, which is available via our Trust Portal.

In the context of customer installed code, the Datadog Synthetics Private Location Worker container image has an affected version of libcups installed in the container. This image is not exploitable if configured using Datadog’s default or recommended configurations. Datadog has patched the affected image. Upgrade your Synthetics Private Locations to version 1.52.0 by following these instructions.

In response to the recently discovered Remote Unauthenticated Code Execution (RCE) vulnerability (CVE-2024-6387) in OpenSSH’s server (sshd), Datadog conducted an internal investigation, and has patched all impacted systems. Additionally, our environment is not publicly accessible via SSH. As such, we consider the vulnerability fully mitigated within the Datadog environment.

To check if your systems are vulnerable and guidance on how to remediate any affected systems, please refer to Datadog’s recent Security Labs blog post: RegreSSHion vulnerability CVE-2024-6387: Overview, detection, and remediation.

In May 2024, Mandiant notified Snowflake of unauthorized access to certain customer accounts. It was determined that this access did not stem from a breach of Snowflake’s enterprise environment, but rather compromised customer credentials.

We deployed our internal Detection and Response teams to search for signs of impact, and after a thorough investigation, it was determined that there was no impact to Datadog.

As an added precaution, we have successfully rotated or deleted keys for Snowflake service accounts.