Datadog's 2025 State of Cloud Security Report Finds Companies Adopting Data Perimeters Amid Growing Concerns of Credential Theft
Rhea-AI Summary
Datadog (NASDAQ: DDOG) released the 2025 State of Cloud Security report on October 8, 2025, analyzing thousands of cloud customers across AWS, Azure and Google Cloud.
Key findings: 40% of organizations use data perimeters (commonly via S3 bucket and VPC endpoint policies); 86% use multi-account setups within an AWS Organization and 70% have all accounts inside an Organization. Credential risk remains high: 59% of AWS IAM users, 55% of Google Cloud service accounts, and 40% of Microsoft Entra ID applications had access keys older than one year.
The report stresses stronger access controls and continuous verification to reduce credential-theft risk.
Positive
- 40% of organizations adopted data perimeters
- 86% use multi-account within an AWS Organization
- 70% have all accounts enrolled in an AWS Organization
Negative
- 59% of AWS IAM users had access keys older than one year
- 55% of Google Cloud service accounts had access keys older than one year
- 40% of Microsoft Entra ID applications had access keys older than one year
Although data perimeters are considered an advanced practice, over one-third of organizations have already adopted them
New York, New York--(Newsfile Corp. - October 8, 2025) - Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, today announced the 2025 version of its State of Cloud Security report. In it, Datadog found that newer strategies—such as data perimeters and centrally managed multi-account environments—are growing in popularity.
Datadog's report analyzes security posture data from a sample of thousands of organizations that use AWS, Azure or Google Cloud. In its research, Datadog found that
Another strategy teams are employing to reduce security risk is multi-account environments. Enforcing minimal privileges in a single account is challenging, which is why centrally managing multiple accounts through AWS Organizations has become a security best practice. This approach enables teams to enforce security invariants across all accounts with top-down guardrails. Datadog found that adoption of platforms like Organizations is widespread—
Part of the reason teams are implementing new security strategies is that credential theft remains a major attack vector, a problem that is exacerbated by long-lived credentials that never expire and frequently get leaked in source code, container images, build logs and applications artifacts. This year,
"Every identity—human or machine—represents a potential entry point to our critical data," said Emilio Escobar, CISO at Datadog. "Strong access controls and continuous verification aren't just security features; they're foundational to protecting our assets in today's borderless environment."
Datadog's 2025 State of Cloud Security is available now—read the full report here. To learn more about how Datadog helps companies secure their cloud environments, visit: https://www.datadoghq.com/product/cloud-security/.
About Datadog
Datadog is the observability and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring, log management, user experience monitoring, cloud security and many other capabilities to provide unified, real-time observability and security for our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.
Forward-Looking Statements
This press release may include certain "forward-looking statements" within the meaning of Section 27A of the Securities Act of 1933, as amended, or the Securities Act, and Section 21E of the Securities Exchange Act of 1934, as amended including statements on the benefits of new products and features. These forward-looking statements reflect our current views about our plans, intentions, expectations, strategies and prospects, which are based on the information currently available to us and on assumptions we have made. Actual results may differ materially from those described in the forward-looking statements and are subject to a variety of assumptions, uncertainties, risks and factors that are beyond our control, including those risks detailed under the caption "Risk Factors" and elsewhere in our Securities and Exchange Commission filings and reports, including the Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission on August 8, 2025, as well as future filings and reports by us. Except as required by law, we undertake no duty or obligation to update any forward-looking statements contained in this release as a result of new information, future events, changes in expectations or otherwise.
Contact
Dan Haggerty
press@datadoghq.com
To view the source version of this press release, please visit https://www.newsfilecorp.com/release/269475
FAQ
What did Datadog's 2025 State of Cloud Security report find about data perimeter adoption?
How common is multi-account management within AWS according to Datadog's 2025 report?
What credential-age risks did Datadog report on October 8, 2025 for DDOG customers?
What security practices did Datadog recommend in the 2025 State of Cloud Security report?
When was Datadog's 2025 State of Cloud Security report published and where can investors read it?
