Map the attack surface of your applications.
Discover and rank vulnerabilities.
Find out what to fix first.
You can’t secure what you can’t see. ThreatMapper auto-discovers your production infrastructure. It identifies and interrogates cloud instances, Kubernetes nodes, and serverless resources, discovering the applications and containers and mapping their topology in real time. Use ThreatMapper to discover and visualize the external and internal attack surface for your applications and infrastructure.
Exploiting known vulnerabilities in common dependencies is one of the easiest ways for bad actors to gain a foothold within your infrastructure. ThreatMapper scans hosts, containers, and applications for known vulnerable dependencies, taking threat feeds from over 50 different sources. ThreatMapper augments any “shift left” scanning you do in your production pipeline, and scans third-party components such as monitoring, security, and load-balancing tools. ThreatMapper will identify fresh vulnerabilities in production that were not known at build or deploy time.
More than 18,000 new vulnerabilities are published each year by the National Vulnerability Database, and thousands of additional vulnerabilities come from other sources. It’s challenging to keep on top of a fast-moving security landscape. ThreatMapper ranks the discovered vulnerabilities based on CVSS and other severity signals, as well as their exploit method and proximity to your external attack surface. With ThreatMapper, you know what vulnerabilities pose the greatest threats, and what you must fix first.
Modern applications and microservices rely heavily on shared, open source components. This makes security a community effort. That’s one of the reasons why we make all of ThreatMapper’s features freely available to all under the Apache 2.0 license.
If you’re looking for real-time security tools, Deepfence’s ThreatStryker is a fully-supported version of ThreatMapper that adds runtime telemetry and a sophisticated correlation engine that observes activity in your application in real time and detects emerging threats and attacks. Our future roadmap will move the real-time sensor and telemetry into ThreatMapper (open source), and ThreatStryker will be refactored into a separate real-time threat management tool.