Threat Mapper: Identify vulnerabilities in running containers, images, hosts and repositories
Deepfence Runtime Threat Mapper
The Deepfence Runtime Threat Mapper is a subset of the Deepfence cloud-native workload protection platform, released as a community edition. The community edition provides the following features:
- Visualization: Visualize Kubernetes clusters, virtual machines, containers and images, running processes, and network connections in near real-time.
- Runtime Vulnerability Management: Perform vulnerability scans on running containers & hosts as well as container images.
- Container Registry Scanning: Check for vulnerabilities in images stored on AWS ECR, Azure Container Registry, Google Container Registry, Docker Hub, Docker Self-Hosted Private Registry, Quay, Harbor, GitLab, and JFrog registries.
- CI/CD Scanning: Scan images as part of existing CI/CD Pipelines like CircleCI, Jenkins & GitLab.
- Integrations with SIEM, Notification Channels & Ticketing: Ready to use integrations with Slack, PagerDuty, HTTP endpoint, Jira, Splunk, ELK, Sumo Logic, and Amazon S3.
A pictorial depiction of the Deepfence Architecture is below
| Features | Runtime Threat Mapper (Community Edition) | Workload Protection Platform (Enterprise Edition) |
|---|---|---|
| Discover & Visualize Running Pods, Containers and Hosts | ✔️ (unlimited) | ✔️ (unlimited) |
| Runtime Vulnerability Management for hosts/VMs | ✔️ (unlimited) | ✔️ (unlimited) |
| Runtime Vulnerability Management for containers | ✔️ (unlimited) | ✔️ (unlimited) |
| Container Registry Scanning | ✔️ | ✔️ |
| Integrations with SIEMs, Slack and more | ✔️ | ✔️ |
| Deep Packet Inspection of Encrypted & Plain Traffic | ❌ | ✔️ |
| Runtime Integrity Monitoring | ❌ | ✔️ |
| Network Connection & Resource Access Anomaly Detection | ❌ | ✔️ |
| Workload Firewall for Containers, Pods and Hosts | ❌ | ✔️ |
| Quarantine & Network Protection Policies | ❌ | ✔️ |
| Highly Available & Multi-node Deployment | ❌ | ✔️ |
| Multi-tenancy & User Management | ❌ | ✔️ |
Copyright (c) 2020 deepfence