Cloud Native ComputingDevelopersDevOpsNewsOpen SourceSecurity

Deepfence Introduces Secret Scanning And Runtime SBOMs In ThreatMapper 1.3.0


Deepfence, the security observability platform for cloud and container native environments, has announced the release of ThreatMapper 1.3.0, helping users and companies perform “shift left” scanning during development and vulnerability scanning in production environments. The open source project’s latest version now includes SecretScanner enabling users to scan for and report sensitive secrets left inadvertently in production workloads and in container images in registries. The secret scanning technology enables users to schedule scans for vulnerabilities and secrets in production, assess the risks, and prioritize remediation.

Threatmapper can scan running operating systems, applications, containers, and serverless workloads for vulnerable software components and exploit attempts. Finding and securing secrets, such as encryption keys, authentication tokens, and passwords before bad actors is integral to preventing unauthorized access to enterprise keys that unlock access to databases and critical infrastructure.

The latest version of ThreatMapper has also added in the capability for organizations to enumerate a software bill of materials (SBOM) at runtime. Applying runtime context about code, computer and cloud data, helps users better understand what is running in production environments. New packages, processes, or activities within the infrastructure that deviate from what was put into production can indicate an attack in progress, which needs to be reviewed and remediated immediately.

Deepfence has also extended its signature Attack Path Visualizations in the 1.3.0 release providing users with additional context about the most vulnerable attack paths in their environment. It does this by specifying each path’s exposure to the internet, helping users narrow down thousands of potential issues to just a few that need fixing immediately. It aims to expose the easier-to-find attack paths with direct internet exposure as well as the hard to find paths hidden behind proxies indirectly exposed to potentially malicious traffic.

Key milestones of the project since it was contributed to the security community in October 2021 include more than 1,200 stars on GitHub, and more than 500,000 pull requests from Dockerhub.

By Emily Nicholls