Deepfence provides application layer intrusion prevention for modern workloads. Deepfence’s Security as a Microservice® gets deployed as a lightweight sidecar container on every host, and can be scaled and orchestrated in exactly the same manner as your other containers. Deepfence is zero touch — it does not depend on third-party kernel modules, manual behavior modeling, or user-defined rules and policies.
Deepfence discovers all running containers, processes and online hosts, and presents a live and interactive color-coded view of the topology. It audits containers and hosts to detect file system, process and network related misconfigurations, using industry standard and custom checks to detect potential runtime attack surface.
Deepfence monitors and performs deep inspection of network traffic, system and application behavior, and correlates suspicious events across the entire infrastructure to detect threats with minimal false positives. Deepfence does not depend on manually generated behavioral models which are susceptible to user follies and adversarial attacks, or hand-coded static rulesets to detect threats.
Containers and hosts are color-coded to visually aid rapid detection and response to threats. Every reported alert contains details on affected resources and type of anomalies right down to the level of system calls. Deepfence can also quarantine tainted workloads, stopping potential lateral spread of the infection.