ThreatMapper, an innovative cloud native service from Deepfence, has released version 1.4 of its open source project. This version provides enterprise-grade cloud security posture management and the first cloud native, YARA-based malware scanner in the market.
Running pods, images, hosts, and repositories can all have vulnerabilities that can be scanned, mapped, and ranked using the open-source platform ThreatMapper. ThreatMapper searches for vulnerabilities—both known and unknown—secrets, cloud misconfigurations, and other threats. It then contextualises its discoveries. With ThreatMapper, the scans take place either at runtime or as part of CI/CD. This gives firms the ability to not only recognise dangers but also decide how fast and effectively to address them. A platform like ThreatMapper is essential in a globally interconnected world where a single vulnerability (such as Log4j) could endanger countless enterprises and their clients.
Deepfence is a strong supporter of a community-based security approach, and open source ThreatMapper 1.4 offers more thorough threat mapping of vulnerabilities, sensitive information, and, now, cloud misconfigurations and malware. It also has the ability to contextualise and correlate scan results in an easy-to-understand graph, which makes it simpler to spot, react to, and proactively prevent potential attacks. This really is a first for the sector. No other project—commercial or free source—applies these complete features and capabilities throughout the full spectrum of cloud native architecture.
ThreatMapper 1.4 specifically includes:
- ThreatGraph is a potent new feature that enables organisations to prioritise threat scan results based on runtime context, such as network flows, and to reduce thousands of attack path alerts to just a few of the most important and dangerous ones.
- Agentless cloud security posture management (CSPM) of cloud assets mapped to various compliance controls, such as CIS, HIPAA, GDPR, SOC 2, and more.
- YaraHunter, the first open source malware scanner for environments that use cloud native technology.
ThreatMapper 1.4 gives businesses the opportunity to locate and rank potential threats, like the Log4j2 vulnerability, so security teams can make educated judgments and plug gaps that might have gone unreported in the past. This improves upon the cutting-edge security features in Deepfence ThreatMapper 1.3, such as runtime software bill of materials (SBOMs) and secret scanning at runtime, protecting not only specific enterprises but also our increasingly interconnected society as a whole.