Connect with us

Hi, what are you looking for?


Deepfence brings ‘attack path’ visualizations to ThreatMapper vulnerability platform

threatmapper exploits full 1 e1643025235246

Did you miss a session from the Future of Work Summit? Head over to our Future of Work Summit on-demand library to stream.

Let the OSS Enterprise newsletter guide your open source journey! Sign up here.

Security observability platform Deepfence has introduced a handful of updates to ThreatMapper, its open source tool for finding and ranking software vulnerabilities.

By way of a brief recap, Deepfence helps secure cloud-native workloads across serverless, Kubernetes, container, and multi-cloud deployments — companies such as Amyris, Flexport, and Harness use it to analyze network traffic, running processes, file-system integrity, and more. In addition to the core commercial enterprise product known as ThreatStryker, Deepfence also ships a community edition called ThreatMapper, which has been available under an open source license since October.

ThreatMapper scans runtime environments for vulnerabilities across the software supply chain, enabling companies to contextualize threats and prioritize the most urgent ones — this covers both proprietary and third-party (e.g., open source) applications and components. It’s built on top of dozens of community feeds, such as the National Vulnerability Database (NVD), while it also funnels data from various databases, operating system distributions, language maintainers, and repositories.

Attack path visualizations

With the world still reeling from the far-reaching Log4j vulnerability, Deepfence is now looking to bolster ThreatMapper with additional smarts that make it easier to visualize and prioritize bugs it identifies.

The new “attack path” visualization, for example, displays the top three to five vulnerabilities in a single graphic, illustrating the route a bad actor might take to exploit a vulnerability in a production application. This helps developer and security teams take appropriate action, such as limiting the exposure using a web application firewall until further testing has taken place.

Advertisement. Scroll to continue reading.

This is all about helping to find vulnerabilities that might exist further downstream, ones that that weren’t known about when a company first deployed an application or update.

ThreatMapper: Attack path vizualization

Above: ThreatMapper: Attack path vizualization

Related to this, Deepfence has also tweaked the calculation it uses to establish the most exploitable vulnerabilities, placing greater weight on network accessibility and the number of live network connections that exist to the impacted workloads. This is designed to give a more “representative assessment of the relative risks of high-severity vulnerabilities,” the company said.


Above: ThreatMapper: Most exploitable vulnerabilities

Data suggests that attackers are going further upstream toward the origins of open source code, as this offers a more scalable means to distribute malware down through the software supply chain. This is why many companies have been shifting their security efforts “left.” But the fact of the matter is that vulnerabilities exist in production software — and this is what ThreatMapper is ultimately striving to tackle.

“By making it easier to scan and identify critical vulnerabilities both pre- and-post-deployment, the ThreatMapper project is becoming essential software for securing the software supply chain and identifying vulnerabilities in production,” Deepfence’s head of products and community Owen Garrett said in a statement. “By open sourcing and adding new features to ThreatMapper, Deepfence remains committed to building the best solution possible for the benefit of all industries.”

Elsewhere, Deepfence has also ported a feature from its enterprise-grade ThreatStryker product to ThreatMapper — support for AWS Fargate, Amazon’s serverless compute product for containers.

Other notable updates include added support for Google’s Chronicle security analytics platform, meaning that ThreatMapper now caters to a broader range of notifications, SIEM, and ticketing integrations, while ThreatMapper can push vulnerability scan results and audit logs to Google Chronicle. And the ThreatMapper community (i.e., not Deepfence itself) has developed support for ARM processors, which opens ThreatMapper up to more observability use cases.


VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Advertisement. Scroll to continue reading.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Source link

Click to comment

Leave a Reply


Loan And Finance

Electric vehicles are becoming increasingly popular as gas prices skyrocket. In fact, automakers plan to pivot to largely electric lineups in the coming decade,...

Top Stories

The past week in the decentralized finance (DeFi) ecosystem was dominated by Terra’s collapse and its aftermath on various ecosystems it was connected. Now...


Why it matters: Opportunities to increase RAM performance typically come from the extreme memory profile (XMP) set by the manufacturer or enthusiasts with enough...

Top Stories

What is a DAO? A DAO, or decentralized autonomous organization, is an online-based organization that exists and operates with no single leader or governing...


Source: Nintendo Sequels are usually perceived in one of two ways. Either they greatly improve on those who came before them, making their predecessors...

Top Stories

The dramatic story of the Terra (LUNA) crash — referred to by some as the Lehman Brothers of crypto — has taken yet another remarkable...


You May Also Like


Introductions get a lot of attention. I’ve explored the topic of how to write them even though as a reader, I always skip them....

SEO Guide

There are all kinds of pictures of the world on the internet, but to find one of these specific pictures that you want to...

Online Business Success

The internet is now our nervous system. We are constantly streaming and buying and watching and liking, our brains locked into the global information...

Online Business Success

You can think of link building in many ways. I like to call it tedious, painful, and a test of patience. It’s also necessary...