The open source, multi-cloud platform for scanning production environments for vulnerabilities and compliance exceptions, and for collecting runtime security events for offline analysis.Learn More
Extend ThreatMapper with runtime attack analysis, threat assessment, and targeted protection for your applications. Scalable, supported, and ready for action!Learn More
Vulnerability and Compliance Scanning
Discover and visualize running pods, containers, and hosts
Detect vulnerabilities during CI/CD
Detect vulnerabilities in production registries
Detect vulnerabilities in production infrastructure
Highest-risk scoring of production vulnerabilities
Compliance Scanning against Industry Benchmarks
Supported host operating systems
Bare metal, virtual machines, containers, serverless
Deepfence recognizes the challenges that security professionals face in order to secure their infrastructure and the applications created by their DevOps teams.
Deepfence ThreatMapper is a fully open source platform that makes it easy to scan for vulnerabilities and build a map of threats across multiple clouds and application types.
Deepfence ThreatStryker extends ThreatMapper with compliance scanning, runtime sensors and a correlation and protection engine. Our intent is to migrate all security and observability capabilities, including compliance scanning and runtime sensors, into the open source ThreatMapper platform. ThreatMapper will make all threat and runtime data available through public APIs, for dashboards, SIEM, and other external applications to consume.
ThreatStryker is to be refactored as a standalone application that consumes vulnerability and telemetry data from the ThreatMapper platform using the public APIs, and provides runtime attack analysis and protection.