Network-centric approaches lack application context and are rarely deployed in 'blocking' or 'in-line' mode. Deepfence's host-centric approach gives complete visibility into network traffic, as well as the behavior of the containers running on that host.
Deepfence inspects inbound and outbound traffic as well as application and system behavior, including executed system calls, file system changes, and container activity, and correlates anomalous events across the entire infrastructure. All containers and hosts that are under attack are color-coded, aiding visual discovery, and each alert contains detailed forensic trails. Your entire infrastructure, including alert details, is searchable, and users can respond to alerts manually or automatically, based on pre-configured policies.
Deepfence comes with pre-built integrations for widely used notification and incident management tools like Slack, PagerDuty, and HipChat, and SIEMs like Splunk and ELK.