How we centralize and remediate risks with Datadog Case Management | Datadog

Proactively addressing risks in technical environments is a constant challenge. Many teams wait until it’s too late and key application functionality is disrupted or sensitive data is exposed. However, understanding risk severity in context can be difficult, especially in distributed systems where related issues and impacts may not be immediately obvious.

To manage risks effectively, teams need all risk-related data from across their systems in a single place combined with clear, actionable processes for mitigation. In this post, we’ll explore how our Risk team uses Datadog Case Management to collect this data into a central risk register and automate key remediation activities.

Creating a single source of truth for risk data

As the Datadog Risk team, we’re responsible for raising awareness of areas within our environments that could expose Datadog to harm. This role involves detecting, triaging, and prioritizing risks, as well as driving enforcement on risk remediation and severity reduction. We help teams throughout Datadog better understand the risks in their processes and technologies, enabling them to either eliminate these risks or reduce their severity.

With data spread across multiple internal organizations, it’s often hard to understand the severity of risks across the company. What may appear to be a minor, isolated risk can quickly be revealed as a meaningful business risk when we cross-reference it with related risks, vulnerabilities, or security incidents across other orgs.