Deepfence announced the open source availability of ThreatMapper, a signature offering that automatically scans, maps and ranks application vulnerabilities across serverless, Kubernetes, container and multi-cloud environments.
Scanning runtime environments
ThreatMapper is an open source platform for scanning runtime environments for software supply chain vulnerabilities and contextualizing threats to help organizations determine which to address and when. Taking threat feeds from more than 50 different sources, the comprehensive suite of ThreatMapper capabilities and features is available on GitHub.
ThreatMapper complements an organization’s existing initiatives to “shift left” by scanning applications and infrastructure post-deployment, catching emerging threats and scanning both first-party and third-party applications and components.
“Modern applications and services rely heavily on open source componentry, and any vulnerabilities in such components can be quickly exploited at significant scale. Securing these components is most effectively accomplished as a community effort; responsible disclosure, public vulnerability feeds, and freely-available open source tooling,” said Owen Garrett, Head of Products and Community at Deepfence.
ThreatMapper’s automated capabilities include:
Mapped topology of applications and infrastructure: Using lightweight, easy-to-deploy and non-invasive sensors, ThreatMapper auto-discovers and maps services, containers, cloud resources and third-party APIs within your infrastructure by passively observing network traffic.
Continuous discovery of vulnerabilities: ThreatMapper scans online hosts, containers and serverless environments for known vulnerable dependencies, augmenting any “shift left” vulnerability scanning you may do in your development pipeline.
Ranked vulnerabilities by attack surface: ThreatMapper ranks discovered vulnerabilities, identifying the highest-risk threats and the order in which they should be addressed, by using runtime traffic and cloud context.
With applications relying on an ever-increasing network of third-party dependencies, the vulnerability blast radius gets harder and harder to contain. In fact, the number of CVEs published each year by MITRE has been trending upward year over year, with more than 18,000 new vulnerabilities published in 2020, and tens of thousands of additional vulnerabilities come from other sources. Further, GitHub reported that vulnerabilities lie hidden for a median of 4 years before discovery, and it takes, on average, 14 weeks to develop and distribute a fix, leaving plenty of opportunity for cyber attackers to develop ways to exploit potential issues.
“To say that it’s difficult to keep on top of software vulnerabilities is a big understatement,” said Mehul Patel, Director Security & Infrastructure at Amyris. “ThreatMapper, however, has eased the burden not only of scanning for the myriad vulnerabilities out there, but also of figuring out which vulnerabilities demand the most and most-immediate attention. We had ThreatMapper up and running in a matter of minutes, and we have been able to shift our time to other tasks, knowing that ThreatMapper is on patrol.”
ThreatMapper is a fast-evolving open source project, and will soon gain additional security observability capabilities, including scanning for cloud misconfigurations, compliance-related hardening and more runtime capabilities based on eBPF. ThreatMapper will make all observed threats and telemetry accessible through a series of public APIs.