DataDog · michaelcretzman · May 13, 2025 · Apr 24, 2025 · May 2, 2025 · May 6, 2025
@@ -6485,110 +6485,100 @@ menu:
       identifier: appsec_terms
       weight: 1
     - name: How It Works
-      url: security/application_security/how-appsec-works/
+      url: security/application_security/how-it-works/
       parent: application_security
       identifier: appsec_howitworks
+      weight: 2
+    - name: Threat Intelligence
+      url: security/application_security/how-it-works/threat-intelligence
+      parent: appsec_howitworks
+      identifier: threats_threat_intelligence
+      weight: 1
+    - name: Trace Qualification
+      url: security/application_security/how-it-works/trace_qualification
+      parent: appsec_howitworks
+      identifier: trace_qualification
+      weight: 2
+    - name: User Monitoring and Protection
+      url: security/application_security/how-it-works/add-user-info
+      parent: appsec_howitworks
+      identifier: user_monitoring_and_protection
       weight: 3
-    - name: Threat Management
-      url: security/application_security/threats/
-      parent: application_security
-      identifier: appsec_threats
-      weight: 7
     - name: Setup
-      url: security/application_security/threats/setup/
-      parent: appsec_threats
+      url: security/application_security/setup/
+      parent: application_security
       identifier: appsec_threats_management_setup
-      weight: 700
+      weight: 3
     - name: Library Compatibility
-      url: security/application_security/threats/setup/compatibility/
+      url: security/application_security/setup/compatibility/
       parent: appsec_threats_management_setup
       identifier: appsec_compat_threats_mgmt
-      weight: 701
+      weight: 1
     - name: Using Datadog Tracing Libraries
-      url: security/application_security/threats/setup/threat_detection/
+      url: security/application_security/setup/threat_detection/
       parent: appsec_threats_management_setup
       identifier: appsec_threats_setup_threat_detection_setup
-      weight: 703
-    - name: Attack Summary
-      url: security/application_security/threats/attack-summary/
-      parent: appsec_threats
-      identifier: attack_summary_overview
-      weight: 704
+      weight: 2
+    - name: App and API Protection for Serverless
+      url: security/application_security/serverless/
+      parent: appsec_threats_management_setup
+      identifier: asm_serverless
+      weight: 4
+    - name: Library Compatibility
+      url: security/application_security/serverless/compatibility/
+      parent: asm_serverless
+      identifier: asm_serverless_compat
+      weight: 1      
+    - name: Overview
+      url: security/application_security/overview
+      parent: application_security
+      identifier: application_security_overview
+      weight: 4
+    - name: Security Signals
+      url: security/application_security/security_signals
+      parent: application_security
+      identifier: application_security_security_signals
+      weight: 5
     - name: Attacker Explorer
-      url: security/application_security/threats/attacker-explorer/
-      parent: appsec_threats
+      url: security/application_security/security_signals/attacker-explorer/
+      parent: application_security_security_signals
       identifier: threats_attackers
-      weight: 705
-    - name: Custom Detection Rules
-      url: security/application_security/threats/custom_rules/
-      parent: appsec_threats
-      identifier: threats_custom_rules
-      weight: 706
-    - name: Exploit Prevention
-      url: security/application_security/threats/exploit-prevention/
-      parent: appsec_threats
-      identifier: exploit_prevention
-      weight: 707
-    - name: WAF Integrations
-      url: security/application_security/threats/waf-integration/
-      parent: appsec_threats
-      identifier: aws_waf_int
-      weight: 708
-    - name: In-App WAF Rules
-      url: security/application_security/threats/inapp_waf_rules/
-      parent: appsec_threats
-      identifier: threats_event_rules
-      weight: 709
    - name: OOTB Rules
-      url: security/default_rules/#cat-application-security
-      parent: appsec_threats
-      identifier: appsec_default_rules
-      weight: 710
-    - name: Protection
-      url: security/application_security/threats/protection/
-      parent: appsec_threats
-      identifier: threats_protection
-      weight: 718
-    - name: Security Signals
-      url: security/application_security/threats/security_signals/
-      parent: appsec_threats
-      identifier: threats_security_signals
-      weight: 719
-    - name: Threat Intelligence
-      url: security/application_security/threats/threat-intelligence/
-      parent: appsec_threats
-      identifier: threats_threat_intelligence
-      weight: 720
-    - name: Trace Qualification
-      url: security/application_security/threats/trace_qualification/
-      parent: appsec_threats
-      identifier: threats_trace_qualification
-      weight: 721
-    - name: User Monitoring and Protection
-      url: security/application_security/threats/add-user-info/
-      parent: appsec_threats
-      identifier: threats_user_info
-      weight: 722
+      weight: 1
     - name: Attacker Fingerprint
-      url: security/application_security/threats/attacker_fingerprint/
-      parent: appsec_threats
+      url: security/application_security/security_signals/attacker_fingerprint/
+      parent: application_security_security_signals
       identifier: threats_attacker_fingerprint
-      weight: 723
+      weight: 2
     - name: Attacker Clustering
-      url: security/application_security/threats/attacker_clustering/
-      parent: appsec_threats
+      url: security/application_security/security_signals/attacker_clustering/
+      parent: application_security_security_signals
       identifier: threats_attacker_clustering
-      weight: 724
-    - name: Application Security for Serverless
-      url: security/application_security/serverless/
+      weight: 3
+    - name: Policies
+      url: security/application_security/policies/
       parent: application_security
-      identifier: asm_serverless
-      weight: 8
-    - name: Library Compatibility
-      url: security/application_security/serverless/compatibility/
-      parent: asm_serverless
-      identifier: asm_serverless_compat
+      identifier: application_security_policies
+      weight: 6
+    - name: Custom Rules
+      url: security/application_security/policies/custom_rules/
+      parent: application_security_policies
+      identifier: application_security_policies_custom_rules
       weight: 1
+    - name: OOTB Rules
+      url: security/default_rules/
+      parent: application_security_policies
+      identifier: application_security_policies_ootb_rules
+      weight: 2
+    - name: Exploit Prevention
+      url: security/application_security/exploit-prevention/
+      parent: application_security
+      identifier: exploit_prevention
+      weight: 7
+    - name: WAF Integrations
+      url: security/application_security/waf-integration/
+      parent: application_security
+      identifier: aws_waf_int
+      weight: 8
     - name: API Security Inventory
       url: security/application_security/api-inventory/
       parent: application_security

@@ -4,9 +4,6 @@ aliases:
 - /agent/guide/how_rc_works
 - /agent/guide/how_remote_config_works
 further_reading:
-- link: "/security/application_security/how-appsec-works/#built-in-protection"
-  tag: "Documentation"
-  text: "How Application Security Monitoring Works"
 - link: "/dynamic_instrumentation/?tab=configurationyaml#enable-remote-configuration"
   tag: "Documentation"
   text: "Dynamic Instrumentation"
@@ -296,13 +293,13 @@ datadog:
 [3]: /security/threats/setup
 [4]: /observability_pipelines/#observability-pipelines-worker
 [5]: /account_management/rbac/permissions#api-and-application-keys
-[6]: /security/application_security/threats/setup/compatibility/
+[6]: /security/application_security/setup/compatibility/
 [7]: /account_management/rbac/permissions#access-management
 [8]: https://app.datadoghq.com/organization-settings/remote-config
 [9]: /security/default_rules/#cat-workload-security
 [10]: /tracing/trace_pipeline/ingestion_controls/#managing-ingestion-for-all-services-at-the-agent-level
 [11]: /dynamic_instrumentation/?tab=configurationyaml#enable-remote-configuration
-[12]: /security/application_security/how-appsec-works/#built-in-protection
+[12]: /security/application_security/how-it-works/#built-in-protection
 [13]: /account_management/audit_trail
 [14]: /monitors/
 [15]: /help/

@@ -39,7 +39,7 @@ The geomap widget visualizes geographic data with shaded regions or points. It c
   |Metric   | The group by tag must include a country ISO Code (alpha-2 ISO format) or a country subdivision ISO Code (ISO-3166-2 format). You can [generate metrics from ingested logs][4], or manually include the [tags on ingest][2]. See the [querying documentation][5] to configure a metric query.|
   |RUM   | See the [RUM documentation][6] to configure a RUM query. |
   |SLO | See the [SLO search documentation][7] to configure an SLO query. |
-  |Security Signals <br> Application Security <br> Audit Trail | See the [Log search documentation][3] to configure a query. |
+  |Security Signals <br> App and API Protection <br> Audit Trail | See the [Log search documentation][3] to configure a query. |
 
   [1]: /logs/log_configuration/processors/#geoip-parser
   [2]: /getting_started/tagging/#define-tags

@@ -3,7 +3,7 @@ title: Getting Started with Security
 ---
 
 {{< whatsnext desc=" " >}}
-    {{< nextlink href="getting_started/security/application_security" tag="documentation" >}}Getting Started with Application Security{{< /nextlink >}}
+    {{< nextlink href="getting_started/security/application_security" tag="documentation" >}}Getting Started with App and API Protection{{< /nextlink >}}
     {{< nextlink href="getting_started/security/cloud_security_management" tag="documentation" >}}Getting Started with Cloud Security{{< /nextlink >}}
     {{< nextlink href="getting_started/security/cloud_siem" tag="documentation" >}}Getting Started with Cloud SIEM{{< /nextlink >}}
     {{< nextlink href="getting_started/code_security" tag="documentation" >}}Getting Started with Code Security{{< /nextlink >}}

@@ -6,8 +6,8 @@ aliases:
 further_reading:
 - link: "/security/application_security/terms"
   tag: "Documentation"
-  text: "Application Security terms and concepts"
-- link: "/security/application_security/how-appsec-works"
+  text: "App and API Protection terms and concepts"
+- link: "/security/application_security/how-it-works"
   tag: "Documentation"
   text: "How App and API Protection works"
 - link: "https://dtdg.co/fe"
@@ -44,7 +44,7 @@ These security insights are detected from data reported by APM. The insights hel
 ## Enable AAP
 
 ### Enable AAP with in-app instructions
-- To enable Threat Management in-app, navigate to [**Application Security > Setup**][29].
+- To enable App and API Protection in-app, navigate to [**App and API Protection > Setup**][29].
 - To enable Code Security in-app, navigate to [**Code Security > Setup**][29].
 
 
@@ -54,7 +54,7 @@ These security insights are detected from data reported by APM. The insights hel
 - Restarting your services. </br>
 
 1. Click **Get Started with AAP**.
-2. Select **Get Started** to detect vulnerabilities in open-source libraries (Software Composition Analysis), find and fix code-level vulnerabilities (Runtime Code Analysis), and find and enable threat detection on your services (Threat Management).
+2. Select **Get Started** to detect vulnerabilities in open-source libraries (Software Composition Analysis), find and fix code-level vulnerabilities (Runtime Code Analysis), and find and enable threat detection on your services (App and API Protection).
 3. Follow the instructions to get started with AAP.
 
    {{< img src="getting_started/appsec/asm_sca_setup.png" alt="Software Composition Analysis setup page." style="width:100%;" >}} -->
@@ -110,8 +110,8 @@ For information on disabling AAP or its related capabilities, see the following:
 [1]: https://app.datadoghq.com/services?&lens=Security
 [2]: https://app.datadoghq.com/services?hostGroup=%2A&lens=Security
 [3]: /security/application_security/threats/library_configuration/#configuring-a-client-ip-header
-[4]: /security/application_security/how-appsec-works/
-[5]: /security/application_security/threats/add-user-info/
+[4]: /security/application_security/how-it-works/
+[5]: /security/application_security/how-it-works/add-user-info/
 [6]: https://app.datadoghq.com/security?query=%40workflow.rule.type%3A%22Application%20Security%22&column=time&order=desc&product=appsec&view=signal&viz=stream&start=1674824351640&end=1675429151640&paused=false
 [7]: https://app.datadoghq.com/security/appsec
 [8]: https://app.datadoghq.com/security/appsec/traces

@@ -401,7 +401,7 @@ The source code integration supports the following Git providers:
 
 Install Datadog's [GitHub integration][101] on the [GitHub integration tile][102] to allow Datadog to synchronize your repository metadata automatically. When specifying permissions on the integration tile, select at least **Read** permissions for **Contents**.
 
-Setting up the GitHub integration also allows you to see inline code snippets in [**Error Tracking**][103], [**Continuous Profiler**][104], [**Serverless Monitoring**][105], [**CI Visibility**][106], and [**Application Security Monitoring**][107].
+Setting up the GitHub integration also allows you to see inline code snippets in [**Error Tracking**][103], [**Continuous Profiler**][104], [**Serverless Monitoring**][105], [**CI Visibility**][106], and [**App and API Protection Monitoring**][107].
 
 [101]: https://docs.datadoghq.com/integrations/github/
 [102]: https://app.datadoghq.com/integrations/github/
@@ -424,7 +424,7 @@ When you run `datadog-ci git-metadata upload` within a Git repository, Datadog r
 
 Run this command for every commit that you need to be synchronized with Datadog.
 
-If you are using [gitlab.com][1], this also allows you to see inline code snippets in [**Error Tracking**][3], [**Continuous Profiler**][4], [**Serverless Monitoring**][5], [**CI Visibility**][6], and [**Application Security Monitoring**][7].
+If you are using [gitlab.com][1], this also allows you to see inline code snippets in [**Error Tracking**][3], [**Continuous Profiler**][4], [**Serverless Monitoring**][5], [**CI Visibility**][6], and [**App and API Protection Monitoring**][7].
 
 ### Validation
 
@@ -567,17 +567,17 @@ For more information, see the [Code Security documentation][102].
 [102]: /security/code_security/
 
 {{% /tab %}}
-{{% tab "Application Security Monitoring" %}}
+{{% tab "App and API Protection Monitoring" %}}
 
-You can see links from errors in your security signals' associated stack traces to their source repository in **Application Security Monitoring**.
+You can see links from errors in your security signals' associated stack traces to their source repository in **App and API Protection Monitoring**.
 
-1. Navigate to [**Security** > **Application Security**][101] and select a security signal.
+1. Navigate to [**Security** > **App and API Protection**][101] and select a security signal.
 2. Scroll down to the **Traces** section on the **Related Signals** tab and click on an associated stack trace.
 3. Click **View Code** to open the error in its source code repository.
 
 If you're using the GitHub integration, click **Connect to preview** on error frames. You can see inline code snippets directly in the security signal's stack trace.
 
-{{< img src="integrations/guide/source_code_integration/asm-signal-trace-blur.png" alt="Link to GitHub from Application Security Monitoring" style="width:100%;">}}
+{{< img src="integrations/guide/source_code_integration/asm-signal-trace-blur.png" alt="Link to GitHub from App and API Protection Monitoring" style="width:100%;">}}
 
 [101]: https://app.datadoghq.com/security/appsec
 

@@ -5,7 +5,7 @@ further_reading:
 - link: "security/application_security/terms/"
   tag: "Documentation"
   text: "AAP Terms and Concepts"
-- link: "security/application_security/threats/add-user-info/?tab=set_user"
+- link: "security/application_security/how-it-works/add-user-info/?tab=set_user"
   tag: "Documentation"
   text: "User Monitoring and Protection"
 - link: "security/application_security/guide/"
@@ -266,7 +266,7 @@ To receive targeted and compromised user IDs with a webhook, set up a webhook us
 
 {{< partial name="whats-next/whats-next.html" >}}
 
-[1]: https://docs.datadoghq.com/security/application_security/threats/add-user-info/
+[1]: https://docs.datadoghq.com/security/application_security/how-it-works/add-user-info/
 [2]: https://app.datadoghq.com/security/configuration/asm/rules?query=type%3Aapplication_security%20defaultRule%3Atrue%20dependency%3A%28business_logic.users.%2A%29%20&deprecated=hide&groupBy=none&sort=rule_name
 [3]: https://app.datadoghq.com/security/configuration/asm/rules?query=type%3Aapplication_security%20defaultRule%3Atrue%20dependency%3A%28business_logic.users.%2A%29%20&deprecated=hide&groupBy=none&sort=rule_name
 [4]: https://docs.datadoghq.com/agent/remote_config/?tab=configurationyamlfile#enabling-remote-configuration

@@ -8,12 +8,12 @@ aliases:
   - /security/application_security/enabling
   - /security/application_security/getting_started
 further_reading:
-- link: "/security/application_security/how-appsec-works/"
+- link: "/security/application_security/how-it-works/"
   tag: "Documentation"
   text: "How App and API Protection Works"
 - link: "/security/application_security/threats/"
   tag: "Documentation"
-  text: "Threat Management"
+  text: "App and API Protection"
 - link: "/security/code_security/software_composition_analysis/"
   tag: "Documentation"
   text: "Software Composition Analysis"
@@ -36,7 +36,7 @@ further_reading:
   tag: "Blog"
   text: "Mitigate account takeovers with Datadog App and API Protection"
 algolia:
-  tags: ["asm", "application security"]
+  tags: ["asm", "App and API Protection"]
 ---
 
 {{< site-region region="gov" >}}
@@ -57,7 +57,7 @@ With AAP, you can cut through the noise of continuous trace data to focus on sec
 
 Until you fully remediate the potential vulnerabilities in your application code, AAP enables you to slow down attackers by blocking their IPs temporarily or permanently, with a single click.
 
-## Understanding how application security is implemented in Datadog
+## Understanding how App and API Protection is implemented in Datadog
 
 If you're curious how App and API Protection is structured and how it uses tracing data to identify security problems, read [How App and API Protection Works][3].
 
@@ -82,7 +82,7 @@ For information on disabling AAP or its features, see the following:
 
 [1]: /tracing/
 [2]: /agent/
-[3]: /security/application_security/how-appsec-works/
+[3]: /security/application_security/how-it-works/
 [4]: /security/default_rules/?category=cat-application-security
 [6]: https://app.datadoghq.com/security
 [7]: https://dashcon.io/appsec