Deepfence is a Cloud-Native Application Protection Platform (CNAPP) that combines multiple security functionalities: It provides vulnerability management capabilities with contextual analysis to reduce false positives in security scanning. The platform includes container security features and cloud workload protection, focusing on identifying vulnerabilities, exposed secrets, cloud misconfigurations, and malware. It utilizes eBPF technology for runtime monitoring and context gathering across cloud environments. The solution is available in two versions: - ThreatMapper: An open-source version for vulnerability scanning and management - ThreatStryker: An enterprise version with additional security features The platform integrates with various cloud environments and container platforms, offering security monitoring for Kubernetes, virtual machines, and serverless architectures.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Learn how to secure applications in Kubernetes Engine by granting varying levels of privilege based on requirements.
Collection of Kubernetes manifests creating pods with elevated privileges for security testing.
Discover and understand the Docker Layer 2 ICC Bug and its implications on inter-container communication.
Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.
A free training course and lab environment for learning to test and attack cloud infrastructure, including AWS and Azure.
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Kube-bench is a tool for checking Kubernetes security based on CIS Kubernetes Benchmark.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.