
Reduce the Noise, Increase the Signal of Security Alerts that Matter


3 years ago


TGIF!!! The first week of the year is in the books! On today's ☁️ 🔐 🧵 we wanted to do something a little different & give a behind-the-scenes look at the Deepfence platform & how we: 1) Build prioritized ThreatGraphs of risk in your ☁️ 2) Activate runtime protection More 👇
First, we capture a holistic picture of your ☁️'s TOPOLOGY. We do this with AGENT & AGENTLESS technology so we can capture everything from cloud services w/i the environment all the way to full network traffic payloads and down to process-level executions on the host.
To read more about the agent technology we utilize, eBPF, and its advantages over traditional workload protection agents, check out our previous 🧵 here: twitter.com/deepfence/status/1599782798771990528?s=20&t=jwjiYn87Mn2D30VnOKCoYQ
Once we have observability w/i the environment, we begin security scans of the env for vulnerabilities, misconfigurations that introduce regulatory or security risk, malware, exposed secrets, etc. We overlay these scans w/ our runtime knowledge of the env.
ThreatMapper, Deepfence’s open source CNAPP, helps orgs build a ThreatGraph of their ☁️ env to reduce 97% of the noise from the security scans. These scans are evaluated for exploitability using runtime context to paint a holistic picture of an org's security posture & risk.
The ThreatGraph presents orgs w/ a look at the most exploitable attack vectors across their hybrid & multi-cloud environments, eliminating the noise of non-exploitable risk and increasing the signal of security alerts and incidents that actually matter!
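The overlay described above can be sketched in a few lines. This is an added example, not ThreatMapper code or Deepfence's algorithm: the topology, runtime data, finding ids and the ranking rule (fewest hops from the internet, then severity) are all constructed assumptions.

```python
from collections import deque

# Constructed topology: an edge A -> B means A can send traffic to B.
EDGES = {
    "internet": ["lb-public"],
    "lb-public": ["web-1"],
    "web-1": ["api-1"],
    "api-1": ["db-1"],
    "batch-1": ["db-1"],  # internal job runner with no inbound path
}
# Constructed runtime context: packages loaded by running processes.
RUNNING = {
    "web-1": {"nginx", "openssl"},
    "api-1": {"python", "libxml2"},
    "db-1": {"postgres"},
    "batch-1": {"python", "imagemagick"},
}
# Constructed scan findings; ids are placeholders, not real CVEs.
FINDINGS = [
    {"id": "VULN-0001", "node": "web-1", "package": "openssl", "severity": 7.5},
    {"id": "VULN-0002", "node": "web-1", "package": "curl", "severity": 9.8},
    {"id": "VULN-0003", "node": "api-1", "package": "libxml2", "severity": 8.1},
    {"id": "VULN-0004", "node": "batch-1", "package": "imagemagick", "severity": 9.8},
    {"id": "VULN-0005", "node": "db-1", "package": "postgres", "severity": 6.5},
    {"id": "VULN-0006", "node": "db-1", "package": "bash", "severity": 5.0},
]

def hops_from(source, edges):
    """Breadth-first search: fewest hops from source to each reachable node."""
    dist, queue = {source: 0}, deque([source])
    while queue:
        node = queue.popleft()
        for nxt in edges.get(node, []):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist

def prioritize(findings, edges, running, source="internet"):
    """Keep findings on reachable nodes whose package is in use at runtime."""
    dist = hops_from(source, edges)
    kept = [
        dict(f, hops=dist[f["node"]])
        for f in findings
        if f["node"] in dist and f["package"] in running.get(f["node"], set())
    ]
    # Assumed ranking: closest to the internet first, then highest severity.
    return sorted(kept, key=lambda f: (f["hops"], -f["severity"]))

if __name__ == "__main__":
    for f in prioritize(FINDINGS, EDGES, RUNNING):
        print(f["id"], f["node"], f["package"], f["severity"], "hops:", f["hops"])
```

Both 9.8-severity findings drop out here: one sits on a host with no path from the internet, the other on a package no running process has loaded.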
When the Deepfence platform alerts to malicious or anomalous payloads along these attack vectors, you can stop threat actors in their tracks with security protections that work and scale in multi-cloud environments utilizing ThreatStryker, our enterprise CNAPP.
This RUNTIME PROTECTION of your cloud-native infrastructure includes blocking traffic, quarantining hosts, remediating vulns & misconfigurations & protecting your environment w/ Cloud Native Packet Filtering using eBPF + XDP to seal off plain text and encrypted attack paths!
To see the platform's runtime protection in action, jump to the 19:30 mark of our latest webinar on understanding attack paths as the key to alert fatigue reduction and better remediation! youtube.com/watch?v=STn5m0FLjjA
Hopefully this 🧵 has been enlightening and helped you see how we reduce 97% of noise in your ☁️ environment to focus on the security signals that matter! Not only is this the key to alert fatigue reduction, but it's necessary for appropriate security protection w/i the ☁️!
If you like this content & want to see more - like/retweet this post & give us a follow @deepfence. Want to take the platform for a spin? Sign up today: deepfence.cloud/auth/signup

Deepfence

@deepfence

Securing your apps in production across the entire cloud native continuum – clouds, Kubernetes, containers, serverless, and more