How to Detect and Defeat the Log4j2 Vulnerability with Deepfence
Introduction to log4j2 mitigation The log4j2 vulnerability like the OpenSSL Heartbleed and Apache Struts vulnerabilities that came before it are poignant reminders to digital businesses that it’s not just enough to respond to a vulnerability by redeploying applications once a... Read More >
January 10, 2022
Visualize Attack Paths in Production Environments with ThreatMapper
The huge advances in ‘Shift Left’ processes makes it possible to deliver code to production that is secure and largely free from vulnerable dependencies. Among other things, these processes typically involve matching dependencies against public vulnerability lists from Mitre, Red... Read More >
December 17, 2021
CVE-2021-44228: Log4j2 Exploitability & Attack Path Mitigation with ThreatMapper
Quick Overview The gravest cyber threat of modern times is upon us in the form of CVE-2021-44228. Here are some key resources: CVE-2021-44228: Apache Log4j <=2.14.1 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints.Severity:... Read More >
December 12, 2021
ThreatMapper picks up where Shift Left ends
Shift left, secure right. Shift left initiatives empower developers and DevOps teams to deliver secure code to production. Once code has been deployed, shift left steps back and ThreatMapper takes over. We recently announced that ThreatMapper is now 100% open... Read More >
November 11, 2021
Recap: Deepfence at KubeCon + CloudNativeCon North America 2021
We were delighted to take part in KubeCon + CloudNativeCon North America 2021! It was awesome meeting so many of you virtually and in person. Although in person attendance was understandably light this year, we had great conversations about how... Read More >
October 25, 2021
