ThreatMapper Up to date With New Scanning Instruments



The most recent model of ThreatMapper, an open supply safety observability platform, now comes with a instrument to scan for secrets and techniques in manufacturing workloads and preserve a runtime software program invoice of supplies, says Deepfence, the corporate sustaining the instrument.

ThreatMapper is a cloud-native instrument safety groups can use to scan, map, and rank vulnerabilities and different potential safety points in serverless, Kubernets, container, and multicloud environments. Deepfence launched ThreatMapper as an open supply instrument final October.

Within the newest replace, Deepfence added the favored SecretScanner instrument to ThreatMapper to scan manufacturing workloads and container photos in registries and report if any delicate secrets and techniques – reminiscent of API keys, passwords, encryption keys, authentication tokens, and different delicate credentials – have been left behind. SecretScanner can search for over 140 completely different secret sorts, Deepfence says. With this functionality, safety groups get a whole checklist of all delicate secrets and techniques uncovered within the manufacturing surroundings. SecretScanner will be accessed by means of the ThreatMapper consumer interface in addition to the API.

ThreatMapper 1.3.0 additionally now has the flexibility to enumerate a software program invoice of supplies at runtime. By taking a look at what is definitely working in manufacturing environments – packages, processes, and different actions – customers would be capable of detect if something new has been added with out their consciousness.

Learn extra concerning the new options in ThreatMapper 1.3.0 from Deepfence.

Sustain with the newest cybersecurity threats, newly-discovered vulnerabilities, knowledge breach data, and rising traits. Delivered each day or weekly proper to your electronic mail inbox.