Datadog acquires Metaplane to boost AI & data observability

Techday NZ, 24-04-2025

Datadog has published findings from its latest State of DevSecOps report and revealed the acquisition of data observability firm Metaplane.
The State of DevSecOps 2025 report details that Datadog developed a vulnerability prioritisation algorithm incorporating runtime context—measuring factors such as whether a vulnerability is present in a production environment or exposed to the internet. This additional context filtered out issues of less immediate concern, resulting in only 18% of vulnerabilities with a critical Common Vulnerability Scoring System (CVSS) rating being classified as truly critical.
Andrew Krug, Head of Security Advocacy at Datadog, commented: "The State of DevSecOps 2025 report found that security engineers are wasting a lot of time on vulnerabilities that aren't necessarily all that severe. The massive amount of noise security teams have to deal with is a major issue because it distracts from prioritising the really critical vulnerabilities. If defenders are able to spend less time triaging issues, they can reduce their organisations' attack surface all the faster. Focusing on easily exploitable vulnerabilities that are running in production environments for publicly exposed applications will yield the greatest real-world improvements in security posture."
One significant insight from the report is that Java applications have an especially high prevalence of known-exploited vulnerabilities, with 44% of Java services affected. In contrast, applications built with Go, Python, .NET, PHP, Ruby, and JavaScript collectively averaged only 2% of applications with such vulnerabilities.
On patching speed, the report observed that Java-based Apache Maven ecosystems took an average of 62 days to implement library fixes, compared with 46 days for .NET-based ecosystems and 19 days for JavaScript-based npm packages.
The report also highlights ongoing risks to the software supply chain. The analysis identified thousands of malicious libraries on PyPI and npm, with some employing typosquatting such as 'passports-js' mimicking the legitimate 'passport' library. Other threats included active takeovers of popular dependencies, as seen with Ultralytics, Solana web3.js, and lottie-player. Both state-sponsored and criminal actors were found exploiting these supply chain vulnerabilities.
The research notes a slow improvement in credential management. In the previous year, 63% of organisations used long-lived credentials at least once to authenticate GitHub Actions pipelines. This year's figure dropped to 58%.
Outdated libraries also remain an industry challenge. Dependencies across all programming languages lag months behind their most recent major updates. Services deployed less than once a month were observed to have dependencies 47% more outdated than those in services updated daily, contributing to greater potential exposure to unpatched vulnerabilities.
Datadog's report was compiled through the analysis of tens of thousands of applications and container images distributed across thousands of cloud environments to assess contemporary risk factors and security practices.
Separately, Datadog announced its acquisition of Metaplane, a platform specialising in end-to-end data observability using machine learning-powered monitoring and column-level lineage.
With businesses increasingly turning to AI and adopting platforms including Snowflake and Databricks, Datadog stated the integration of Metaplane technologies will speed its move from cloud observability into full data observability. This is expected to enhance its set of data-centric monitoring tools, such as Data Jobs Monitoring and Data Streams Monitoring.
Michael Whetten, VP of Product at Datadog, stated: "Observability is no longer just for developers and IT teams; it's now an essential part of data teams' day-to-day responsibilities as they manage increasingly complex and business-critical workflows. This complexity will become even more pronounced as more businesses deploy AI applications. By unifying observability across applications and data, Datadog will help organisations build reliable AI systems."
Kevin Hu, co-founder and CEO of Metaplane, said: "Our mission at Metaplane is to help companies ensure trust in the data that powers their business. Joining forces with Datadog enables us to bring data observability to tens of thousands more companies, while bringing data teams and software teams closer together."
Following the acquisition, Metaplane will continue to support both existing and new customers as part of the Metaplane by Datadog offering.

Related Articles

Cobalt unveils platform updates to streamline pentesting workflows

Techday NZ, 14 hours ago

Cobalt has announced a series of product enhancements within its Offensive Security Platform intended to assist customers in scaling security testing with greater clarity, automation, and control.
The platform centralises access to security services provided by a team of pentesters, enabling organisations to identify and address vulnerabilities more efficiently across their environments. Features offered include faster pentest launches, real-time collaboration with testers, continuous scanning, and integration with remediation workflows. According to the company, these processes aim to support security teams in identifying critical issues and accelerating the mitigation of risks.
The latest updates seek to provide customers with clearer risk prioritisation. Each finding within the platform now comes with standardised CVSS v3.1 scores alongside OWASP ratings, offering a measurable and objective understanding of vulnerability severity. Users are expected to be able to concentrate their remediation efforts on the most critical security issues first, potentially saving time and resources while maintaining their security posture. CVSS data are accessible via reports, CSV exports, the public API, and integrations.
Deeper insight and increased trust in pentest results is also a focus of these enhancements. Final pentest reports now include a detailed Coverage Checklist with associated findings. This addition is designed to provide a comprehensive overview of testing scope and methodology, linking individual findings directly to test activities. This approach is intended to make it easier for users to analyse results and take appropriate action.
For organisations dealing with recurring or retested vulnerabilities, workflow simplification is addressed through a new configuration option. Users can automatically associate findings carried over from previous reports with existing tracking tickets or generate new tickets for separate tracking. This is intended to save time and reduce confusion in vulnerability management processes.
The process of launching a pentest has also been redesigned. The platform now provides an intuitive flow in which users can select from a range of pentest options, customise requirements - such as requesting a debrief call - and place their order in a matter of minutes. Cobalt describes this as making launching a pentest as simple as ordering a pizza, with the goal of improving the user experience and accelerating the initiation of testing.
Boris Diebold, Chief Technology Officer at HeyJobs, commented, "These updates are all about delivering more impactful and efficient testing. The clearer reporting and streamlined workflows help us understand and address our security risk with more confidence and speed."
Discussing the direction of the platform, Jason Lamar, SVP of Product at Cobalt, said, "These innovations mark the next chapter in the evolution of offensive security services. We're building toward a future where pentesting is continuous, deeply integrated into development workflows, and backed by data that drives real security outcomes - not just compliance. The Cobalt Platform is redefining what it means to test smarter, not harder."
The enhancements are intended to make pentesting more actionable and transparent, whether an organisation is launching a test in a short timeframe, integrating insights directly into development pipelines, or supporting compliance reporting. The platform continues to prioritise usability, integration capabilities, and the timely remediation of vulnerabilities, as it serves security and development operations teams dealing with changing and emerging security threats.

Picus launches tool for real-time validation of exploitable risks

Techday NZ, 22-05-2025

Picus Security has introduced a new capability designed to help security teams determine which vulnerabilities in their environments are actually exploitable. The new feature, called Picus Exposure Validation, uses real-time attack simulations to provide evidence-based assessments of vulnerability risks within a specific organisation's environment.
This approach aims to address the challenge of large numbers of vulnerabilities that are often identified but not all requiring immediate attention or remediation. With more than 40,000 new Common Vulnerabilities and Exposures (CVEs) disclosed in 2024 - with 61% ranked as high or critical - security teams often struggle to respond effectively, as traditional vulnerability management methods can lead to inefficient allocation of resources.
Picus Security says the new capability assists security teams in distinguishing between vulnerabilities that can actually be exploited in their unique systems and those that can be safely deprioritised. Traditional vulnerability management is typically driven by severity metrics such as Common Vulnerability Scoring System (CVSS) and Exploit Prediction Scoring System (EPSS), which provide generalised risk indicators but may not account for an individual organisation's existing security controls and asset criticality.
Picus Exposure Validation aims to fill this gap with the Picus Exposure Score, an evidence-based, context-aware metric intended to reflect actual risk, according to the company. The system continuously tests security controls using real-world attack techniques to determine whether known vulnerabilities can be exploited given the organisation's current defences. The findings are automatically updated and presented in transparent reports, enabling quicker and more confident decision-making in response to new security threats.
Volkan Ertürk, Co-Founder and Chief Technology Officer at Picus Security, commented: "The challenge today isn't finding vulnerabilities, it's knowing which ones matter in your unique environment. CVSS, EPSS and KEV offer theoretical risk signals. Picus Exposure Validation delivers proof by testing threats against your production defenses in real time. It replaces assumptions with evidence so security teams can focus on vulnerabilities that are actually exploitable."
Key features highlighted by the company include the ability for security teams to more accurately prioritise remediation work, safely deprioritise less urgent vulnerabilities, and reduce manual workloads through the use of automated validation processes. The solution is said to include tailored recommendations to quickly improve the effectiveness of security controls, offering an alternative when immediate patching is not feasible.
A global industrial firm reported that, upon deploying Picus Exposure Validation, it was able to reduce its list of critical patches by 85%. Based solely on CVSS ratings, 63% of the vulnerabilities in the organisation's systems were initially classified as critical. However, after applying Picus Exposure Validation, it was found that only 9% of those were truly high risk and required prioritisation. This reduction reportedly saved the organisation thousands of hours on patching activity and allowed the security team to focus resources more efficiently.
The company positions Picus Exposure Validation as a new methodology for combining data about vulnerabilities with automated attack simulation to create an organisation-specific analysis of exploitability. This approach, according to Picus, offers security teams a more focused view on where to deploy efforts for mitigation and remediation and thereby enables more effective closing of security gaps.
The Picus Exposure Validation feature is now available to organisations seeking enhanced vulnerability validation for their own environments.

Google enhances agent toolkit & unveils updates for secure AI

Techday NZ, 22-05-2025

Google has announced a range of updates aimed at enhancing its intelligent agent development tools, management platforms, and agent-to-agent protocols.
The company has released the production-ready version 1.0.0 of its Python Agent Development Kit (ADK). This development, according to Google, marks a significant milestone in providing stability and flexibility for building sophisticated software agents that can be deployed in live environments. The Python ADK has already been in use by several organisations, including Renault Group, Box and Revionics, who have offered feedback during its earlier phases.
Alongside the Python toolset, Google is extending its ADK to support the Java ecosystem, with the initial release of Java ADK version 0.1.0. Java developers are now able to integrate the ADK into their Maven projects by including a dedicated dependency. This expansion is intended to provide Java users the same flexibility and capabilities already available to Python developers for agent development.
Google states that "empowering developers with a platform that offers flexibility, trust, and comprehensive capabilities is key to realising this potential." The company's updates are "designed to help you build and manage your intelligent agents with unprecedented ease and power."
Updates also include the launch of the Agent Engine UI, an interface for managing the lifecycle of intelligent agents within the Vertex AI Agent Engine. The UI offers a dashboard integrated into the Google Cloud console, providing developers with tools to inspect deployed agents, review metrics such as requests and CPU usage, trace and debug sessions, and monitor agent behaviour. This is expected to simplify the process of maintaining and optimising intelligent agents in production environments.
In the area of secure agent communication, Google has rolled out version 0.2 of its Agent2Agent (A2A) protocol specification. The latest update adds support for stateless interactions to facilitate more lightweight communication when session management is unnecessary. In addition, authentication procedures have been formalised based on an OpenAPI-like schema, aiming to make security requirements clearer and improving overall reliability of agent-to-agent communications.
The company is also introducing the official Python SDK for the A2A protocol to assist developers in adopting and integrating the protocol in their Python-based agents. The SDK comes with a collection of tools designed to make it easier to build and implement communication functionalities between intelligent agents.
Google highlights significant industry momentum for the A2A protocol, citing new partners and projects in its growing ecosystem. Auth0 is launching sample open source agents to demonstrate the use of A2A and Auth0's GenAI authentication for secure, multi-agent communications. Box AI Agents are now able to use A2A to collaborate with external agents for managing unstructured content like scans and images, extracting key details such as dates and contractual terms, and completing complex processes without having to leave the content environment.
Microsoft has announced support for the protocol in Azure AI Foundry and introduced the capability for Microsoft Copilot Studio to invoke any A2A agent. Demonstrations have also highlighted the use of A2A for workplace productivity, enabling multiple agents to be invoked with Microsoft Entra Agent ID and Microsoft Graph.
SAP is integrating A2A protocol support into its AI assistant, Joule. This addition will allow Joule to orchestrate agents within its ecosystem and invoke agents built using Google ADK, thereby providing users access to agents across different systems without requiring context switching within the user interface.
Zoom has committed to supporting the A2A protocol and Agentspace integration, with the objective of advancing multi-agent collaboration throughout its open platform.
Google commented, "We are incredibly excited about these updates and believe they will empower you to build even more sophisticated, reliable, and impactful intelligent agent solutions. These advancements in our ADK, Agent Engine, and A2A protocol are designed to provide you with a comprehensive and flexible platform to bring your most ambitious agent-driven projects to life."
The updates cover production infrastructure, user interfaces, communications protocols, and industry partnerships, reflecting broad efforts by Google to support enterprise and developer adoption of intelligent agent systems.
