Kubernetes is the leading container orchestration platform. Deepfence ThreatMapper and ThreatStryker provide high-performance application security for Kubernetes production workloads, scaling with your applications.
With a lightweight, standards-based architecture, Deepfence technologies support all major production Kubernetes platforms out-of-the-box. Protect your production workloads on local K8s clusters, Amazon EKS, Google GKE, Red Hat OpenShift, and more.
ThreatMapper automatically discovers, scans, and analyzes pod workloads, identifying vulnerable software components and mapping them to your internal and external attack surface. Automated compliance checks verify your Kubernetes platform is configured to sound industry and community standards.
Should ThreatStryker detect that a workload has been tainted, ThreatStryker can immediately terminate the pod. Kubernetes will then redeploy pods from a known good state as needed, ensuring capacity is maintained and users are not impacted.
Deepfence’s targeted deep packet inspection captures network traffic, even in an encrypted, sidecar service mesh. Use ThreatStryker with Istio, Linkerd, Traefik, NGINX, and other meshes to intercept and analyze network traffic without blind spots.
Deepfence Console can also be deployed in Kubernetes. We recommend deploying the console to a cluster separate from your production ones in order to enforce tight security and minimize the load on your production clusters. Deepfence supports multiple hybrid environments, so a single console can manage multiple Kubernetes clusters along with other platforms.