Deepfence announced the 1.4 release of its open source project ThreatMapper,
a cutting-edge, cloud native offering that expands attack path
visualization, adds enterprise-grade cloud security posture management,
and now includes the industry's first cloud native, YARA-based malware
scanner.
ThreatMapper is an open platform for scanning, mapping, and ranking vulnerabilities
in running pods, images, hosts, and repositories. ThreatMapper scans for
known and unknown vulnerabilities, secrets, and cloud misconfigurations, and
then puts those findings in context. With ThreatMapper, the scans
happen as part of CI/CD or at runtime. This empowers organizations to
not only identify threats but also to determine how, and how quickly, to
deal with them. In a globally connected environment in which a single
vulnerability can put untold numbers of organizations and their
customers at risk (e.g. Log4j), a platform like ThreatMapper is
critical.
Deepfence is a firm believer in a community-based approach to security, and open
source ThreatMapper 1.4 provides more comprehensive threat mapping - of
vulnerabilities, sensitive secrets, and, now, cloud misconfigurations
and malware - as well as the ability to contextualize and correlate scan
results in an intuitive graph that makes it easier to see, respond to,
and proactively prevent potential attacks. This is truly an industry
first. There is no other project, open source or commercial, that
applies these comprehensive features and capabilities across the cloud
native continuum.
Specifically, ThreatMapper 1.4 includes:
- ThreatGraph, a powerful new feature that uses runtime context like network flows
to prioritize threat scan results and enables organizations to narrow
down attack path alerts from thousands to a handful of the most
meaningful (and threatening)
- Agentless cloud security posture management (CSPM) of cloud assets mapped to
various compliance controls like CIS, HIPAA, GDPR, SOC 2, and more
- YaraHunter, the industry's first open source malware scanner for cloud native environments
"The cloud native ecosystem is built on OSS libraries and components, yet
the majority of tools available to secure cloud native workloads are
closed source proprietary software that you can never fully understand
how they work, and which only companies with deep pockets can afford. If
we truly want to materially improve security of our cloud native
workloads, we need to make the tooling accessible to everyone in the
community, so we can build and innovate together. With ThreatMapper 1.4,
Deepfence is rolling out what I see as another credible open source win
for the industry - ThreatGraph, which provides a substantive range of
threat detection, and more - combined into a single, easy-to-use open
source tool," said Nick Reva, Engineering Manager, Security Engineering,
Snapchat.
ThreatMapper 1.4 enables organizations to find and rank potential threats, such as the Log4j2 vulnerability,
so security teams can make informed decisions and shore up critical
gaps that may have otherwise gone unnoticed. This builds on the advanced
security tools in Deepfence ThreatMapper 1.3,
such as secret scanning at runtime and runtime Software Bill of
Materials (SBOMs), protecting not only individual organizations but also
our ever-more-interconnected society as a whole.
"Security is a collective good and a basic right, and we are proud to offer an
open platform that addresses the most pressing day one needs of cloud
security teams," said Sandeep Lahane, Co-founder and CEO of Deepfence.
"ThreatMapper 1.4 is a giant leap forward for the security community,
providing the most comprehensive security features and capabilities that
security teams need, free of any cost or limitations. With version 1.4
we've strengthened ThreatMapper's capabilities to the point that we're
not aware of any other product - open source or commercial - that can
match it."
ThreatMapper 1.4 is 100% open source and available on GitHub.