Weakly-configured cloud and container infrastructure is an open door for internal and external parties wishing to gain unauthorized admin access. ThreatStryker automatically benchmarks your infrastructure against industry and community best practices and alerts you of any compliance issues.
ThreatStryker detects the role of your hosts and executes the appropriate community and industry-standard compliance scans, including OS-vendor profiles, CIS benchmarks, and role-specific profiles for Kubernetes.
Compliance scans run the gamut from checking file and process permissions, flagging up unnecessary services, checking log configuration for coverage and security, to ensuring that security standard practices are in place. Kubernetes-specific scans go even deeper, checking API, network and resource capabilities.
Operating in a regulatory-controlled environment? ThreatStryker can automatically assess the compliance of your infrastructure against documented industry standards, such as PCI-DSS and HIPAA. Improve security and confidently prepare for audits.
Deepfence SecretScanner inspects container images and hosts, seeking out unprotected secrets such as passwords, IAM tokens, and SSH keys. If SecretScanner can find them, so can attackers and other unauthorized users!
ThreatStryker uses OpenSCAP (Security Content Automation Protocol), the leading compliance engine for cloud and host-based compliance. ThreatStryker can execute a variety of proven SCAP profiles against hosts, running containers, and containers in registries.