San Francisco, California, United States
10K followers
500+ connections
Articles by Lars
-
What is CSPM?
Cloud Security Posture Management (CSPM) safeguards cloud infrastructure by tracking configurations, ensuring…
21
1 Comment
-
What Is Cloud Asset Inventory? (Aug 5, 2022)
On March 14, 2006, Amazon Web Services (AWS) launched S3, the first public cloud service. Since then, cloud consumption…
37
3 Comments
-
Picking An Open Source License - A Framework (Nov 8, 2021)
In this post, I'm describing our decision making process to determine which license to pick for Resoto, our open source…
37
7 Comments
-
The Shift to Multi-Cloud Is in Full Swing (Oct 12, 2021)
On August 26 in 2006, Amazon Web Services put a computer into the cloud. That day, AWS launched EC2, a “virtual…
44
21 Comments
-
Watch out Salesforce: Twilio, Segment and the $100B Battle for the Customer Engagement Platform (Oct 19, 2020)
Today, Twilio announced how they are acquiring Segment for $3.2B, to "tear down data silos, helping companies and their…
78
3 Comments
-
Apple Watch vs. Google Glass: 5 Reasons Why Apple Watch Wins (Apr 15, 2015)
There are a lot of opinions floating around as to if the Apple Watch will succeed or disappoint. The last wearable…
3
2 Comments
-
Apple’s iOS Release Cycle Accelerating for Apple Watch Launch (Apr 9, 2015)
For years, Apple’s releases have had “predictability” as their middle name. Chart the history of iOS and iPhone…
22
1 Comment
Activity
-
Lars Kamp posted this:
With AI, as a startup, seems like you’re truly only growing if you have to measure your metrics with a log scale.
-
Lars Kamp shared this:
Among my favorite platform features are Datadog Sheets. Sheets are an easy-button to centralize, filter and analyze data and create reports - such as for your compliance audits, aka "Governance, Risk and Compliance" (GRC).
Compliance today still deals with "snapshots." You pull data from your cloud provider, a separate vulnerability scanner, and a manual task tracker, then try to stitch them together in a (static) report. But by the time an auditor sees the data, it's already stale and the "unified view" is a collection of disconnected screenshots.
There are GRC tools out there that have made that process much easier and elegant of course, in particular by combining data collection and reporting in a way that it's familiar to the auditors. That compresses the time and cost to perform an audit, a huge value. But you're still moving your security data to a separate compliance black box that lives outside of your actual environment, instead of bringing the reporting to where the data already lives.
Think of Sheets as a spreadsheet interface that is built directly into your observability & security platform. That has a number of advantages for your GRC process:
REAL TIME CORRELATION
Instead of looking at a "sync" from four hours ago, you're querying and joining live data (SAST, SCA, misconfigurations, IAM risks, etc.) in one grid.
FUNCTIONS & TRACEABILITY
Since your spreadsheet interface is connected to the full infra data, functions like lookups can trace a vulnerability from a line of code to a specific production host in seconds.
REUSABLE LOGIC
One of the drags of compliance work is doing the same work over and over again. With Sheets, once you've built an audit-ready template (e.g. filter by severity, status, environment), just refresh it for the quarter or month. Done!
And I know what you're going to ask next - "in a world of AI, why would I still need a spreadsheet?"
The reason is "trust", and an auditor will want to see the formula, and not just a "black box" answer. An auditor will want to see the logic of how data point A led to conclusion B. Sheets organizes raw, messy security findings into a queryable, tabular format. The reports are business assets that you create for auditors.
That's where AI comes in next. By putting your compliance data in a Sheet, you’ve now created a clean room for AI to synthesize your findings. With your compliance reports in Sheets, you can use natural language to ask Bits AI, our built-in AI Assistant, to e.g. "summarize the high-severity vulnerabilities in this view". Bits AI makes it much easier to find patterns that a human might miss or take lots of time to identify.
My colleagues Reva Ranka and Gorka Vicente wrote more about how you can use Sheets to generate audit-ready vulnerability and compliance reports: https://lnkd.in/gASYzzkP
-
Lars Kamp shared this:
I just found out about Cooking with CISOs by Dani Woolf, and it's plain out amazing. https://lnkd.in/g9SbXWem
Lars Kamp shared this:
What does a 24-year partnership actually look like? In this episode of Cooking with CISOs, we're joined by Scott Shepard, VP Cybersecurity and IT Infrastructure at Motorola Solutions, and Erik Montcalm, VP of Client Services at SecureOps. Together with surprise guest, Loren Goldig, CEO of SecureOps, they make Canadian lobster poutine (with cheese curds smuggled across the border) and unpack a partnership that started 24 years ago!
In this episode of Cooking with CISOs, we'll uncover:
- How a 24-year partnership was born and why SecureOps became Motorola's "Marines"
- The cupboard SOC, the 9/11 call, and the moment that defined the relationship
- The innovation flywheel - how Motorola's challenges become SecureOps' capabilities
- Scott's origin story - how a hacked lab turned a bored engineer into a 30-year security leader
- What partnership looks like in the trenches - weekends, incidents, shared pain
- AI agents attacking, AI agents defending and why you need a partner that evolves
This is not a case study. It's not a testimonial. It's the story of what happens when challenge creates capability, capability creates trust, and trust creates legacy. Thick and thin.
Join us to binge-watch the full episode, airing Friday, February 13th at 12pm Eastern/11am Central.
A huge thank you to our friends at SecureOps for sponsoring this episode and for bringing Scott to the table.
---
Cooking with CISOs is proudly brought to you by the team at The CyberNest, CyberSynapse.io, and Whyze Labs.
-
Lars Kamp shared this:
On March 18th we're hosting "Sip & Secure", a virtual event that booked out in no time flat last year, and combines cloud security with wine tasting! It's a 90-min session where we take a high-level look at Datadog’s security platform, followed by a guided wine tasting experience with Stags' Leap Winery. Stag's Leap will ship 3 bottles of wine to your home, and one of their winemakers will join us live and walk you through the tasting experience for each wine.
"Sip & Secure" started as a test last year, because we wanted to work with our customers who may not be in one of the metro areas where we host dinners. "What if we just shipped wine to people's homes?" we asked ourselves. Well, turns out that idea worked quite well! We had quite a few "oohs", "aahs" and "oh wow!" during the tasting session, and some attendees brought along their colleagues and spouses. It was quite an experience to see so many different people go through a wine tasting experience on Zoom, and so we decided to bring Sip & Secure back!
So if you like wine and cloud security, we got something for you! You can sign up to join the experience with this link: https://lnkd.in/gXm5FMaq
Sip & Secure: From Threat Detection to Decanting with Datadog + Expel
-
Lars Kamp shared this:
I think AI is causing a shift in the security stack, from a “risk stack” to a “response stack”, and it’s more than just “AI agents”.
The traditional cybersecurity model is the “risk stack”, and security is a discipline of detection. We scan, alert, score, prioritize, and generate tickets. The stack is designed to tell humans what’s wrong. That model stops working when you have bad actor agents who can breach your infra in less than 20 minutes. In that new world, you have to find a way to respond to incidents and fix them autonomously, and that is the shift to a “response stack”.
Security teams already have no shortage of alerts. The output of the "risk stack" is ultimately tickets (Jira, ServiceNow, Slack), and that creates a human bottleneck. Prioritization is a nicer way of saying that we only fix the most dangerous issues because we don’t have the time to fix everything. So the solution can’t be to just keep on adding to the backlog of unsolved problems. The math stops working when we keep operating defense at human-speed against a theoretically infinite number of actors and threats. The goal has to be that we substitute tickets with actions.
That’s of course where AI comes in, with AI agents that perform the autonomous fixing. Technology aside, the “response stack” also requires a “from / to” shift in thinking:
Objective: Prioritization (scoring risks) → response (fixing risks)
Experience: Widgets ("check this graph") → agents ("I fixed it")
Workflow: Tickets (human queues) → PR (automated code)
Intelligence: Signatures (static rules) → inference (reasoning models)
Economy: Logs (cost of storage) → tokens (cost of action)
To perform autonomous response and remediation, the AI agent needs, wait for it, context. Yes, I know, not an earth-shaking insight. But I think that need is making the case to unify two currently separate teams and data sets, observability and security.
Today, these teams are looking at data on different screens, telling different stories, for different use cases.
Engineering optimizes for performance with reliability data
Security optimizes for posture with risk data
I think keeping observability and security data separate is risky in the age of AI. The separation keeps you in the old risk stack and prevents you from shifting to a response stack. AI agents need full context to respond to incidents, and essential metadata like metrics, traces, and ownership is hidden in engineering's observability data.
Bringing data and teams together has more benefits. Engineering has a strong incident-response muscle from dealing with operational issues that can be repurposed for security incidents. Conversely, security's complete view of inventory and shadow IT/AI benefits engineering, to test for misuse, not just bugs, and build resilient agents that perform.
Picture courtesy of Nano Banana.
-
Lars Kamp shared this:
I've been thinking about the data ecosystem, and 2026 feels like the year of "The Great Convergence", with 3 trends. 👇
I don't remember who said it, but "there are two ways to make money, bundling and unbundling." Well, the era of "best-of-breed" fragmentation is over. After years of unbundling, the data ecosystem is consolidating. It’s no longer about stitching together 15 different tools (which is insanity to start with, but VCs need to write checks...). Now, it’s about choosing your platform.
3 dynamics shaping the industry:
1️⃣ Modern Data Stack Consolidation
Fivetran is evolving from a connector utility to an "open data infrastructure" platform. Fivetran acquired dbt Labs (transformation), Census (activation), and Tobiko Data (governance/SQLMesh), and rolled up the "Modern Data Stack" into a single, unified lane. It's the consolidation of the infrastructure layer that sits between your raw data sources and your data warehouse (like Snowflake or Databricks). Adjacent categories like reverse ETL and data observability will be features, not standalone (and overcapitalized) companies. For example, Datadog acquired Metaplane to offer data observability as part of our platform.
2️⃣ Clash of the Titans: Bi-Directional Expansion
Snowflake and Databricks are conquering each other's territory. Snowflake (the "trust" play) is expanding "down the stack", e.g. with the acquisition of Datometry to accelerate legacy migrations, and "up the stack" into AI trust and metadata with Truera and Select Star. An attempt to build a governed, integrated ecosystem where apps live alongside data. Observe was a great outcome, but not a runaway success, and observability is a new market/app for Snowflake. Databricks (the "warehouse" play) is validating the Lakehouse by moving "up the stack". Databricks SQL has $1B+ in revenue. With the acquisition of Tabular (creators of Iceberg) they are commoditizing the data format, and have proven that a unified platform for BI + AI is possible. Databricks is already the data acquisition layer - easier to convince customers to also use them as the analytics layer. The other way around - not so much. Snowflake relies on Fivetran.
3️⃣ The Emergence of the "Builder's Stack"
There's a new, agile ecosystem rising from the edge. Tools like DuckDB/Motherduck (in-process OLAP), dlthub (code-first ELT), and ClickHouse (real-time analytics) are forming a "Builder's Stack". This stack is about offloading local, real-time, and developer-heavy workloads to faster, cheaper, and simpler engines. They cater to a user base who prefer to use code over SQL to extract data from a wide variety of sources - and that code just got easier to write with LLMs!
The ZIRP-era fragmentation is def over and resolving into platforms. I don't know who is going to win, but there might be enough $$$ in the market for everyone.
-
Lars Kamp posted this:
At Datadog, we think about AI in three distinct buckets:
1. AI for Datadog: Building agents into our products.
2. Datadog for AI: Securing & monitoring our customers' AI workloads.
3. AI at Datadog: Using AI internally to ship faster
OpenAI just published a case study on that third bucket. It details how our engineering team uses Codex to solve a specific challenge: maintaining velocity at Datadog scale. The sheer size of our systems exceeds what any single human can hold in their head.
• We have thousands of engineers shipping code constantly.
• We ingest trillions of data points hourly.
• We support thousands of customers.
Standard coding assistants help you write functions faster. But at our scale, we need more than syntax completion. We need system-level understanding. We integrated Codex into our internal workflows using MCP. This connects the AI model to our live observability data. The result is an agent that doesn't just "write code." It acts as an on-call partner that:
• reviews logic against production constraints.
• detects anomalies in telemetry during development.
• suggests fixes based on incident history, not just training data.
This closes the loop between writing software and running software.
Here's the simple "so what?" from the post: Don't just use AI to generate boilerplate. Connect it to your runtime data. That is how you turn a coding tool into an engineering asset. At least, that's how we did it and it's working for us.
Shoutout to our colleagues Brad Carter and Ted Wexler quoted in the post. Read the full deep dive from OpenAI here: https://lnkd.in/gp-d7RE4
-
Lars Kamp shared this:
“60% of the time, it works every time” [Anchorman] → How we prevent AI Slop in Datadog products.
Story time: During the mobile SDK days, a developer at “Hotel Tonight” cross-correlated two data points in our analytics dashboard. You really had to dig in to find that data - but it means he was an engaged user. In fact, super-engaged. Those data points should have been identical. But they weren't, because we used two different data stores on the back-end. Why is a story for another day, but that customer lost complete faith in our product, and it took us a year (and re-architecting our stack) to fix the issue and gain that trust back.
I see this problem again in AI products. By now, we can all sniff out AI-generated content from a mile away (“in this ever-evolving [insert industry] landscape”, etc.) And that's just not good enough for infrastructure and security, especially when you’re responding to a production or security incident. You need accuracy, not “60% of the time, it works every time.” If you don’t have accuracy - your customers will lose faith in your product.
At Datadog we’re investing heavily into Bits AI, our suite of intelligent AI capabilities that work across your monitoring, development, and security workflows. Our Bits AI agents make recommendations and perform actions. So the quality bar for Bits AI is to build AI agents that act like a senior engineer on your team, someone you can rely on. That means we can't just rely on generic models, but need to set a "new normal" for accuracy. In practice that means no AI feature ships without evaluation against high-quality, expert-labeled datasets.
Three ways how we accomplish that “new normal”:
MODELS & DATA
We of course use the frontier-LLMs (GPT, Claude, Gemini). But we’ve also built our own open-source foundation models and benchmarks (Toto and BOOM) to ground our AI in the reality of distributed systems. We have one of the world's largest, maybe even the largest observability data set, an ideal training ground.
HUMAN IN THE LOOP
Our Bits AI team has built evaluations using thousands of real alert root causes from our own internal production environment (this is the moment where no other company can make a better pun with "dogfooding"). That’s actual operational data that ends up paging people. With our evaluations, we ensure our agents are tested against real-world, not theoretical scenarios.
SHARED INFRASTRUCTURE
We’ve built a common infrastructure for data archiving, labeling, and reusing evaluation datasets. That gives our engineers readily available evaluation datasets, shortens our development cycles, and defines standards for our product teams to evaluate new AI features.
So when Bits AI makes a recommendation, it has been measured against thousands of real-world data points, with the judgment of our human experts. Accuracy you can rely on. If you're at Reinvent this week, check out Bits AI - and I think you'll be delighted!
-
Lars Kamp shared this:
If you've been told by your CEO to "figure out our AI story", we've got something for you at Reinvent!
🛝 But before everything else you want to try out our Giant Slide at the entrance of the expo floor.
🥐 We also host breakfasts, lunches and cocktail hours all week long - come join us! --> use the link in the post to register!
Other than that, we've got some ~40 new product releases to show you, of course with lots of new AI capabilities and features. So please take a moment for these important messages:
🔎 AI & AI OBSERVABILITY
Agent Builder Conversational AI AI Agents Console Datadog MCP Server Prompt & Version Tracking Experiments & Playground Bits AI K8 Active Remediation Bits AI Serverless Remediation Bedrock & AWS Strands Agent Support
⛅ AWS & OBSERVABILITY
Flex Frozen Cloud Prem Status Pages Packs for AWS Network Health Log Rehydration AWS Batch Metrics RDS Instance Recommendations Lambda Cost Recommendations CloudWatch Metrics for GovCloud
🚂 SECURITY
Secret Scanning OCSF Processor AI Security Graph Cloud Risk Insights AI-based Code Detection AI-based Code Validation AI-based Code Remediation Amazon Bedrock Misconfigurations
See you on the Expo Floor!
Lars Kamp shared this:
What an incredible start to #AWSreInvent! 🎥 Watch the highlights and see what’s coming next. 🔗 https://lnkd.in/ga-UDMUQ #reInventwithDatadog
-
Lars Kamp liked this:
Datadog is helping healthcare customers like Henry Meds stay secure without slowing down. With Datadog Cloud SIEM, their team moved from juggling multiple tools to centralized visibility and correlated, actionable signals — enabling faster, more effective incident response in a single streamlined workflow. Thank you to Stefan R. for the partnership and perspective.
-
Lars Kamp liked this:
28 years - a long journey by any stretch, and one that’s been extraordinary. After nearly three decades, I’m turning the page on the practice of law. It’s a journey that started with no expectations; but one that’s given me so much. Being bold enough to be different has allowed me to achieve everything I could have possibly imagined, and more. Practicing at the highest levels and, for the most part, on the side of amazing and irrepressible founders, operators and company builders (as well as the daring investors who backed them), has been the greatest honor of my life.
🌎 It’s taken me from NYC, to London, to SF and Silicon Valley. With MANY visits to other ecosystems in between!
🏛️ I’ve been entrusted as a key strategic advisor on more than 300 transactions valued at over $275 billion in aggregate deal value; some that have been groundbreaking in their structure. All of them have created impact for the wonderful humans involved, and that brings me joy.
💫 My privilege has been to learn from some of the world’s best at Davis Polk & Wardwell LLP (my rigorous “classical training”). Through the luck of an intro, Wilson Sonsini Goodrich & Rosati extended me the opportunity to develop deep immersion and witness the power and impact of technology on every industry (my “strategic evolution”). Most importantly, I was called on to build with entrepreneurial partners at Goodwin to launch their West Coast Tech Practice. This attempt by an East Coast firm to not only break into, but eventually best, Silicon Valley incumbents was audacious! The agency and the collaborative spirit here allowed me to be an intrapreneur. That will always be the highlight of my legal career.
🚀 And what a rocketship! Being a part of - and ultimately entrusted to lead - a team that has been ranked the #1 M&A practice in the world for 6 straight years is one build that I’ll never forget. And the fact that in doing so garnered the recognition of my peers and clients both, I’m very proud of. I am happy that I’m not bidding goodbye to #goodwinlaw. I have transitioned to a Senior Advisor role which will allow me to stay close to a place that will always feel like family to me.
❤️ Too many people to thank - so many who have made an impact on my trajectory, my thinking and my life - that I will simply say, THANK YOU, from the bottom of my heart… you know who you are!
🙏 Especially to my clients, who have entrusted their most crucial transactions to me, many of whom have become dear friends.
So what’s next? I’m, of course, going to build something new! I can’t sit still and I don’t do beach vacations. Do share what you’re working on or what is fascinating you. And I’ll share more about what I’m working on in due time…
BTW - those who know me know that I’m a big believer in fate, serendipity and… signs. 🪧 A couple below are ones that literally crossed my path recently. And yes, I’m 52. A great age for a new adventure. Amaze, Amaze, Amaze! #iykyk 🎤 #micdrop
-
Lars Kamp liked this:
Founders: Create a 'Closing Week' checklist:
- All stakeholders identified
- Security reviews completed
- Payment process confirmed
- Implementation timeline agreed
No surprises in the final yard.
-
Lars Kamp liked this:
Only 18% of vulnerabilities labeled “critical” remain critical once you factor in runtime context and exploitability signals.
Vulnerability backlogs don’t grow because teams don’t care, they grow because there’s never enough time. When everything is critical, nothing truly is. Leaning on CVSS alone often doesn’t reflect the reality of how an application is actually running in production.
At RSA, I’ll be digging into this in my session:
Rethinking Vulnerability Backlogs: When CVSS Scores Don’t Match Reality
Thursday March 26 @ 10:50
We’ll explore what changes when you evaluate severity through real application context, and how that shift can dramatically reshape priorities (and reduce noise). If you’ve ever stared at a backlog and wondered, “Are these really all urgent?” This session is for you. #RSAC
-
Lars Kamp liked this:
Do you create or build things in California? The proposed "one time, billionaire tax" allows the state to take a slice of everything you own, it's not one time, it's not limited to billionaires and (even) the government accounts say it won't work.
The California Government Wants Your Ass.ets
Christopher Lochhead
Experience & Education
-
Datadog
Explore more posts
-
The Cyber Security Hub™
2M followers
Download Pentera Labs Report - revealing three new critical injection points in the ingress-nginx controller, building on Wiz’s IngressNightmare CVE. These overlooked vulnerabilities could let attackers hijack traffic, spoof headers, or reach unauthorized backend services - They exist in one of the most widely used ingress controllers in Kubernetes, putting countless environments at risk. This research highlights how small misconfigurations can lead to major exposure in modern cloud-native architectures. What’s Inside: ✅ 3 new injection vulnerabilities in ingress-nginx ✅ How attackers find and exploit CVEs in open source ✅ Actionable tips to secure your Kubernetes environment https://lnkd.in/eHtX6EdP
9
1 Comment -
Pentera
92K followers
Ron Okopnik from Pentera Labs built on Wiz’s IngressNightmare research and discovered three previously undocumented injection points in Kubernetes’ ingress-nginx controller. These vectors go beyond the original four CVEs and give attackers the ability to bypass security controls, execute arbitrary code, and pivot deeper into Kubernetes clusters. Security teams need to think like attackers. This research helps them do exactly that. 👉 Read more on how these risks unfold and what they mean for Kubernetes security: https://lnkd.in/dra7Ai-4 #Kubernetes #PenteraLabs #CloudSecurity
44
-
Bill Marozas
Docker, Inc • 4K followers
Market-leading security means fixing the source, not just the symptom. When a critical RCE vulnerability (CVE-2025-12735) was discovered deep in a nested dependency affecting projects like Kibana, users of Docker Hardened Images received immediate protection. (Hat tip: Laurent Goderre!) Docker's investment and thought leadership go further: the Docker Security team didn't just patch our images. We traced the vulnerability, replaced the unmaintained library, and contributed the fix upstream to the LangChain.js project (PR #9391). This upstream approach strengthens the security of the entire ecosystem, protecting millions of downstream applications globally. That’s the proven value of using Docker Hardened Images—security designed to match the speed of modern supply chain attacks. Read more about our upstream approach: https://lnkd.in/gMH_ezkZ #Docker #ContainerSecurity #SupplyChainSecurity #HardenedImages #CVE #OpenSource
-
JFrog
88K followers
Stop switching tabs. Start shipping verified artifacts. JFrog is officially live on the Cursor Marketplace! You can now bring JFrog’s #SoftwareSupplyChain security directly into your AI-native IDE. Ask Cursor to check for vulnerabilities, and it will use JFrog's verified security data to analyze your code and recommend precise remediation. 🛠️ Install now: https://lnkd.in/gUZUP-2d #CursorAI #DevSecOps #AI
130
-
Daniel Young
Circadian Risk Inc. • 9K followers
Here’s a pattern I’m seeing more often: More sites. More assessments. More reporting expectations. Same headcount. Security teams are being asked to scale output without scaling structure. So what happens? Assessments become episodic. Reporting takes too long. Prioritization becomes subjective. And leaders spend more time translating risk than reducing it. This isn’t a capability issue. It’s an architecture issue. At some point, physical security has to operate with the same operational discipline as finance and IT. Otherwise it stays in permanent catch-up mode. For security people overseeing medium to large portfolios (20+ sites): What’s currently your biggest bottleneck: volume, visibility, or validation? And why do you think this is?
4
-
Root
2K followers
Fixing vulnerabilities shouldn’t take your team hours—or days. Most teams spend 3+ hours per CVE. Multiply that across every container image, and you’re looking at days of lost productivity. Root was built to solve that. Root automates remediation with agentic AI, cutting CVE response time from hours to seconds. No disruption. No rebasing. No vendor lock-in. Security teams stop chasing CVEs. Developers stay in flow. Vulnerabilities get fixed before SLA deadlines are even close. Want to see how much time you could save? Read the full blog—link in comments.
-
Michele Chubirka
Red Hat • 5K followers
California AG sues city for allowing out-of-state searches of license plate reader database https://ift.tt/kvT8Q7f Police in El Cajon, California, searched their Flock Safety database of license plate activity on behalf of multiple out-of-state entities — in violation of California law — according to Attorney General Rob Bonta. via The Record from Recorded Future News https://ift.tt/qIjGkVD October 03, 2025 at 03:30PM
-
Conrad Vernon
Resonance Dynamics, Inc. (RDI) • 883 followers
RDI Finalizes AWS‑Specific SRD/CRU Evaluation Protocol — Zero Hardware Modification Resonance Dynamics, Inc. has completed the AWS‑specific SRD/CRU evaluation protocol, engineered to evaluate SRD/CRU directly on AWS Braket’s superconducting backends and pulse‑level control stack. No hardware or firmware modification is required. Strategic alignment with AWS’s quantum roadmap: AWS Braket is entering regimes where coherence stability becomes an architectural bottleneck across multi‑vendor superconducting systems. SRD/CRU was built for this moment: a stability overlay that reinforces system behavior without altering AWS’s qubit modalities, resonator infrastructure, or pulse‑control workflows. What this enables for AWS’s executive technical leadership: • Zero integration risk: Fully compatible with AWS Braket’s superconducting QPUs and pulse‑level control API without modification. • Roadmap‑aligned evaluation: Runs inside AWS’s existing calibration, pulse‑optimization, and hybrid‑job infrastructure. • Deterministic stability metrics: Controlled measurement of SRD/CRU’s impact on coherence behavior, error‑rate profiles, and sub‑coherence‑mode dynamics. • Scalable relevance: Applicable as AWS expands Braket’s superconducting offerings and advances toward larger, higher‑fidelity systems. This is an architectural evaluation, not a feature test. Next step: RDI is prepared to brief AWS’s quantum leadership and research teams. The protocol is complete, architecture‑aligned, and ready for AWS’s internal evaluation pipeline. AWS continues to broaden the frontier of accessible quantum system engineering. SRD/CRU was built to reinforce that frontier—quietly, modularly, and without requiring AWS’s systems to change. Please contact Conrad Vernon President & CEO, Resonance Dynamics, Inc. #QuantumComputing #QuantumStability #QuantumArchitecture #AWS #AWSBraket #DeepTech #SystemEngineering #RDI #SRD #CRU
-
Rahul Sood
Pindrop • 6K followers
Harness' new fiscal year starts this month. Harness CKO starts tomorrow. Celebrating it with the launch of the industry's first and only pipeline-native security scanning (SAST & SCA). Another major step towards Harness' promise of AI-powered DevSecOps. 👎 No to partial pipeline coverage for security scanning 👎 No to painful manual configuration of scanners 💪 Yes to prioritizing reachable exploits 💪 Yes to shifting left to AI coding IDEs and CLIs 💪 Yes to using AI for remediation If you are a Harness customer, try for 45 days for free. Very proud of our ability to integrate and extend Qwiet AI by Harness within a quarter. Congrats team Monish Advani Gabriel Acevedo Sunil Gupta Pritesh Chandaliya Renny Shen Samarth Sudarshan. Excited about shaping the future of AppSec with Naresh Agarwal Sanjay Nagaraj Jyoti Bansal!!
-
Dhruv Majumdar
Fleet Device Management • 3K followers
🚀 Introducing Fleet Hound: Graph Security Analysis for Fleet I’m excited to open-source "Fleet Hound", a new high-performance tool designed to visualize and analyze relationships within your infrastructure using Fleet Device Management. Inspired by tools like BloodHound and Cartography, Fleet Hound takes a graph-first approach to inventory. Instead of viewing flat lists, it ingests Fleet data into Memgraph to map the hidden connections between your assets. 🔍 What it does: Visualization: Maps Hosts, Users, and Software as interactive graph nodes. Relationship Analysis: Automatically identifies links (e.g., (:User)-[:USES]->(:Host)). Granular Control: Supports filtering by specific Teams for targeted analysis. Performance: Built with parallel processing to handle thousands of assets in seconds. It’s fully Dockerized and ready to deploy. Check it out on GitHub: https://lnkd.in/gkNpaSTH #FleetDM #GraphDatabase #SecurityEngineering #DevSecOps #OpenSource
-
Elina Cadouri
Dock Labs • 3K followers
A major topic at the European Identity and Cloud Conference this year was the emergence of non-human identity. While we’ve been exploring organizational wallets for some time, the focus at EIC was on securing infrastructure (servers, systems, and agents) with cryptographic credentials. New standards like SPIFFE and SPIRE, combined with OpenID-based authentication flows, are shaping how these machine identities will be handled securely and interoperably in the future. Another dominant theme was the rise of AI agents. There’s broad agreement across the industry that AI agents will soon become a core part of how individuals and businesses interact online, accelerating customer journeys, managing workflows, and even making autonomous decisions. From shopping assistants to financial bots that handle bill payments and optimize spending, these agents promise speed, convenience, and massive scalability. But in our view, realizing that potential depends on a critical foundation: trust. If these AI-powered systems are to operate safely and at scale, every interaction must reliably answer three essential questions: > Is this agent truly acting on behalf of a legitimate user or organization? Can we prove it? > Has the user authorized this specific action, under clearly defined terms? > And can the payment provider, merchant, or institution instantly verify that claim with full confidence? Without strong identity and delegation mechanisms, businesses face serious risks: fraud, impersonation, unauthorized spending, and compliance failures. A malicious actor could spoof an agent, hijack its permissions, or manipulate a system into executing unauthorized actions. While the technical conversations at EIC were focused on how to authenticate and authorize agents, we found that the legal and business risks, especially around liability, received far less attention. Frameworks will need to emerge that clearly define who’s accountable when something goes wrong.
-
Dimitris Adamidis
Dusty Robotics • 13K followers
🚨 Your security team checks your locks once. Then 2,700 strangers walk through your house over the next 90 days. ‼️ That's exactly what's happening to your codebase right now. Last security review: 90 days ago. Deployments since: 2,700!!! The volume of code being deployed is crazy. ❓ That gap? That's where breaches live. ✳️ I work with a few talented engineers to develop a new product, Factor0, that addresses this insanity. 📢 Here is what my CISO friend told me about the existing problem. Instead of quarterly security reviews and sending PDFs that nobody reads, build a threat model that moves at deployment speed. Here is what it means: 1️⃣ Your code changes at 10am 2️⃣ Your threat model updates at 10:01am 3️⃣ Attack paths visible at 10:02am ... and you saved an organization from disaster. Timing matters: ❇️ Real architecture from your ACTUAL codebase (not that Visio diagram from 2019) ❇️ Visual attack paths developers understand (not 300-page PDFs nobody reads) ❇️ Updates with every commit (not every quarter) 🎯 Traditional threat modeling is like having a bodyguard who shows up 4 times a year. Factor0 is the bodyguard who never leaves. ✴️ Engineering teams ship 10x daily. Security should too. Things will get worse as these volumes of code go up. And they will. 👉 Question for my network: How many deployments have you done since your last real security review? (Be honest, we're all guilty here) #devsecops #cybersecurity #cicd #security
-
James Sather
Google • 2K followers
Detect and Respond to Security Threats with Wiz and Google Cloud! In today's complex cloud environments, proactive threat detection is key. Check out our blog post with Wiz to see a detailed guide on how to protect your Google Cloud environment. Our new blog post covers: - Real-time threat detection with Wiz Defend - Cross-layer threat analysis - Use cases like detecting cryptojacking and data exposure Learn how to build a robust defense for your cloud infrastructure. #GoogleCloud #Wiz #CloudSecurity #ThreatResponse #Security #Cybersecurity https://google.smh.re/55nl
-
Rafael Santiago Achaerandio
JFrog • 10K followers
Most leaders know that managing 10+ different security tools is a headache, but now we have the data on exactly how much it’s costing you. A new Forrester Total Economic Impact™ (TEI) study commissioned by JFrog just dropped, and the results are a wake-up call for the industry: 282% ROI over three years. $5.4M in total quantified benefits. Payback in less than 6 months. When you consolidate your #SoftwareSupplyChain into a single platform, you aren't just "saving money"—you’re giving your developers 20% of their time back and fixing security gaps 80% faster. As I talk to new customers every day, the message is clear: Consolidation is no longer a luxury; it’s a competitive necessity in the AI era. 📊 Read the full "Bombshell" study here: https://bit.ly/3YWVxCj #JFrog #DevSecOps #ROI #TechLeadership #Forrester #SupplyChainSecurity
-
Nate Nead
HOLD.co • 28K followers
📖 https://lnkd.in/gd_4xgDN 🔓 Is OAuth Your Biggest Blind Spot? Most orgs trust OAuth like it's harmless plumbing. But attackers see it as a goldmine for silent lateral movement across cloud environments. One token—with the right scope—and they’re in your data, your resources, even your infrastructure. This blog breaks down how OAuth gets weaponized without tripping the usual alarms—and what defenders can do to shut the door before it's too late. Are your OAuth tokens letting attackers move freely behind the scenes? 👇 Let’s talk: What’s your org doing to lock down app-based access before it’s exploited?