SAN FRANCISCO—Deepfence, a pioneer in the emerging security observability and protection space, today announced the 1.4 release of its open source project ThreatMapper, a cutting-edge, cloud native offering that expands attack path visualization, adds enterprise-grade cloud security posture management, and now includes the industry’s first cloud native, YARA-based malware scanner.
“Security is a collective good and a basic right, and we are proud to offer an open platform that addresses the most pressing day one needs of cloud security teams”
ThreatMapper is an open platform for scanning, mapping, and ranking vulnerabilities in running pods, images, hosts, and repositories. ThreatMapper scans for known and unknown vulnerabilities, secrets, cloud misconfigurations and then puts those findings in context. With ThreatMapper, the scans happen as part of CI/CD or at runtime. This empowers organizations to not only identify threats but also to determine how–and how quickly–to deal with them. In a globally connected environment in which a single vulnerability can put untold numbers of organizations and their customers at risk (e.g. Log4j), a platform like ThreatMapper is critical.
Deepfence is a firm believer in a community-based approach to security, and open source ThreatMapper 1.4 provides more comprehensive threat mapping — of vulnerabilities, sensitive secrets, and, now, cloud misconfigurations and malware — as well as the ability to contextualize and correlate scan results in an intuitive graph that makes it easier to see, respond to, and proactively prevent potential attacks. This is truly an industry first. There is no other project, open source or commercial, that applies these comprehensive features and capabilities across the cloud native continuum.
Specifically, ThreatMapper 1.4 includes:
- ThreatGraph, a powerful a new feature that uses runtime context like network flows to prioritize threat scan results and enables organizations to narrow down attack path alerts from thousands to a handful of the most meaningful (and threatening)
- Agentless cloud security posture management (CSPM) of cloud assets mapped to various compliance controls like CIS, HIPAA, GDPR, SOC 2, and more
- YaraHunter, the industry’s first open source malware scanner for cloud native environments
“The cloud native ecosystem is built on OSS libraries and components, yet the majority of tools available to secure cloud native workloads are closed source proprietary software that you can never fully understand how they work, and which only companies with deep pockets can afford. If we truly want to materially improve security of our cloud native workloads, we need to make the tooling accessible to everyone in the community, so we can build and innovate together. With ThreatMapper 1.4, Deepfence is rolling out what I see as another credible open source win for the industry – ThreatGraph, which provides a substantive range of threat detection, and more – combined into a single, easy-to-use open source tool,” said Nick Reva, Engineering Manager, Security Engineering, Snapchat.
ThreatMapper 1.4 enables organizations to find and rank potential threats, such as the Log4j2 vulnerability, so security teams can make informed decisions and shore up critical gaps that may have otherwise gone unnoticed. This builds on the advanced security tools in Deepfence ThreatMapper 1.3, such as secret scanning at runtime and runtime Software Bill of Materials (SBOMs), protecting not only individual organizations but also our ever-more-interconnected society as a whole.
“Security is a collective good and a basic right, and we are proud to offer an open platform that addresses the most pressing day one needs of cloud security teams,” said Sandeep Lahane, Co-founder and CEO of Deepfence. “ThreatMapper 1.4 is a giant leap forward for the security community, providing the most comprehensive security features and capabilities that security teams need, free of any cost or limitations. With version 1.4 we’ve strengthened ThreatMapper’s capabilities to the point that we’re not aware of any other product – open source or commercial – that can match it.”
Deepfence is an essential security observability and protection platform for cloud-native and container environments. Deepfence measures, maps, and visualizes your runtime attack surfaces, and provides full-stack protection from known and unknown threats. Deepfence ThreatMapper helps protect the increasingly vulnerable software supply chain by automatically scanning, mapping, and ranking application vulnerabilities and sensitive secrets in running containers, images, hosts, and repositories — from development through production. Deepfence ThreatStryker uses industry attack heuristics to interpret ThreatMapper intelligence and telemetry, identifying attacks-in-progress and deploying mitigating firewall and quarantine measures. To learn more, visit deepfence.io.