Open Source Security Solutions

Security is a community effort. That’s one of the reasons why we make our cloud security tools freely available to all under the Apache 2.0 license.

Deepfence UI and Github Stars
100% OPEN-SOURCE CLOUD SECURITY

Deepfence is one of the fastest growing open-source startups

Protect, Detect, and Respond with the Deepfence Open-Source Security Solutions

ThreatMapper


With over 4,000 stars on Github, the ThreatMapper CNAPP hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit. It uncovers vulnerable software components, exposed secrets and deviations from good security practice. It uses a combination of agent-based inspection and agentless monitoring to provide the widest possible coverage to detect threats.

GitHub

SecretScanner

SecretScanner can find unprotected secrets in container images or file systems. SecretScanner is included in ThreatMapper and also as a standalone tool that retrieves and searches container and host file systems, matching the contents against a database of approximately 140 secret types.

GitHub

PacketStreamer

PacketStreamer is a high-performance remote packet capture and collection tool. It is used by Deepfence's ThreatStryker security observability platform to gather network traffic on demand from cloud workloads for forensic analysis.

GitHub

FlowMeter

FlowMeter classifies packets and flows as benign or malicious with high true positives (TP) and low false positives (FP). Use the labeled data to reduce amount of traffic requiring deeper analysis. Additionally it categorizes packets into flows and shows a rich ensemble of flow data and statistics.

GitHub

YaraHunter

YaraHunter scans container images, running Docker containers, and file systems to find indicators of malware. It uses a YARA ruleset to identify resources that match known malware signatures, and may indicate that the container or filesystem has been compromised.

GitHub

eBPFGuard

eBPFGuard is a library for managing Linux security policies. It is based on LSM hooks, but without necessity to write any kernel modules or eBPF programs directly. It allows to write policies in Rust (or YAML) in user space. It's based on eBPF and Aya library, but takes away the need to use them directly.

GitHub

Compare Products

Looking for real-time threat detection & response?

Take your security to new heights with ThreatStryker, our premium enterprise CNAPP. Designed to meet the demands of today's complex business environments, ThreatStryker offers real-time cloud detection and response capabilities allowing you to neutralize threats to your environment in real-time. In addition, unlock advanced features, receive dedicated support, and benefit from tailored solutions that address your unique security needs. Invest in ThreatStryker and fortify your organization's defenses with confidence and precision.

Ready to use ThreatStryker?