Deepfence Open-Source Platform Visualizes Cloud-native Threat Landscape

By Greg Tavarez, TMCnet Editor  |  August 16, 2022

Deepfence is a security observability and protection platform for cloud-native and container environments that is a believer in a community-based approach to security. It’s offering, ThreatMapper, is an open platform for scanning, mapping and ranking vulnerabilities in running pods, images, hosts and repositories.

ThreatMapper scans for known and unknown vulnerabilities, secrets and cloud misconfigurations. Then, the platform puts those findings in context. Building on these capabilities, Deepfence announced the 1.4 release of ThreatMapper.

ThreatMapper 1.4 will enable organizations to find and rank potential threats, such as the Log4j2 vulnerability. Security teams will then make informed decisions and support critical gaps that may have otherwise gone unnoticed. This builds on the advanced security tools in Deepfence ThreatMapper 1.3, such as secret scanning at runtime and runtime software bill of materials, protecting individual organizations and the more interconnected society as a whole.

ThreatMapper 1.4 includes:

  • ThreatGraph, a new feature that uses runtime context like network flows to prioritize threat scan results and enables organizations to narrow down attack path alerts from thousands to a handful of the most threatening.
  • Agentless cloud security posture management of cloud assets mapped to various compliance controls like CIS, HIPAA, GDPR and SOC 2.
  • YaraHunter, an open-source malware scanner for cloud native environments. Deepfence YaraHunter scans container images, running Docker containers and filesystems to find indicators of malware. 

“With version 1.4, we've strengthened ThreatMapper's capabilities to the point that we’re not aware of any other product – open source or commercial – that can match it," said Sandeep Lahane, co-founder and CEO of Deepfence.

ThreatMapper 1.4, available on GitHub, provides comprehensive threat mapping of vulnerabilities, sensitive secrets, and cloud misconfigurations and malware. It also provides the ability to contextualize and correlate scan results in an intuitive graph that makes it easier to see, respond to, and proactively prevent potential attacks.

Edited by Erik Linask