Deepfence Year In Review - Elevating Cloud Security in 2023

December 28, 2023

We spent 2023 focused on our community and education. We expanded our OSS offerings and reached huge milestones on GitHub, along with major product releases and exciting new features. Here is a summary of our 2023 accomplishments! 

We Strengthened Our Open Source Community and Philosophy

Security is a community effort. That’s one of the reasons why we make our security projects freely available to all under the Apache 2.0 license. Deepfence has changed the economic landscape of cloud security with our open-source-first strategy, which insists that companies shouldn’t have to pay to know what the security posture of their internal attack surface looks like. Open-source software is increasingly becoming an essential part of security strategies for modern security teams. It has many advantages, including low-level observability, scalability, no vendor lock-in, and attracting top talent.

In 2022 and 2023, our open-source security projects were among the fastest-adopted cloud security solutions. We ranked on the ROSS Insight annual list of top 50 fastest-growing open-source start-ups in 2022. As we end the year, we have reached over 11,500 stars on GitHub. 

Since launching ThreatMapper, the first open-source Cloud-Native Application Protection Platform (CNAPP), over 3,000 enterprises have installed the platform. By choosing a reliable open-source product with a strong community and support, organizations can achieve impressive results and save money.

We Focused on Training and Education

To ensure Deepfence projects have a strong community with top-notch support, we focused on sharing the knowledge of our team and their peers. In a series of webinars and blogs, we chatted with thought leaders at top tech companies on how they scale and keep their security programs consistently cutting-edge:

  1. In “Addressing Evolving Threat Models in Cloud Security with Open Source Software” Nick Reva of Snap shares the many advantages open source solutions offer, what separates good versus great cybersecurity capability, and how the security landscape is shifting to open source due to recessionary times.
  2. We took a deep dive into container security challenges and best practices with Matt Lehman, Head of Payments Security at Amazon, in a podcast-style webinar, “Runtime Security Observability for Containerized Workloads in AWS”.
  3. In “Demystifying Kubernetes Detection and Response” we gathered security experts Iman Ghanizada, Global Head of Autonomic Security at Google Cloud, Nick Reva, Head of Corporate Security Engineering at Snap and Sandeep Lahane, CEO/Founder of Deepfence to share deep insights and answer key questions around securing Kubernetes. 
  4. Mike Sabbota, Head of Security Engagements at Amazon Prime Video, joined us for “Runtime Context - The Missing Piece in Cloud Security” and dove into the crucial role of runtime application context in cloud security and how understanding runtime application behavior has been instrumental in proactively identifying threats and ensuring the robust security of Amazon Prime Video's expansive digital landscape.
  5. In “Fortifying Cloud Security - Unveiling the Potential of Next-Generation Agent Sensors” Pathik Patel, Head of Cloud Security at Informatica, and Ryan Smith, Head of Product at Deepfence explored the indispensable role sensors and agents play in safeguarding your cloud environment.

You can read the blogs and watch some short excerpts from the 5-part webinar series.

Training is essential to help cloud security teams seamlessly execute end-to-end cloud security engineering and operations processes. In 2023, our open-source CNAPP was used in a free Udacity training course “Operationalizing Cloud Security with Deepfence ThreatMapper”. Taught and developed by a leading industry expert, Nick Reva, Head of Corporate Security Engineering at Snap, the lesson will teach you how to implement high-level cloud security programs for enterprise environments. Thanks to Nick for sharing this course as part of his vision to democratize security for all organizations using top-notch, enterprise-grade, open-source tools.

We Focused on Making the Best CNAPP

In the Fall we announced the General Availability of ThreatStryker, our ground-breaking Enterprise offering built on top of our widely embraced open-source Cloud Native Application Protection Platform (CNAPP), ThreatMapper. Deepfence now extends the security and risk prioritization feature sets of the open-source platform with real-time threat detection and response capabilities purpose-built for cloud-native environments. With this new release, enterprises can focus on the 3% of alerts that truly matter and ensure they can respond to and remediate these threats in a timely manner, radically altering how companies approach maintaining their security posture in the cloud!

We launched ThreatMapper version 2.0, bringing the visualization, UI, and scale of ThreatStryker’s GA launch into the open-source domain. ThreatMapper 2.0 has undergone a comprehensive architectural revamp to meet the demands of the largest global enterprises. It is capable of offering security observability for serverless workloads and can cover up to 100,000 Kubernetes nodes or EC2 servers. Since the launch of the open-source platform 2 years ago, ThreatMapper has seen massive adoption across a wide variety of public, private and hybrid clouds, bare-metal servers, serverless environments like AWS Fargate, and even Raspberry Pi devices. ThreatMapper adds runtime context such as network flows to the thousands of scan results to build ThreatGraph, a rich visualization of the most meaningful and threatening attack paths. This has the potential to reduce the threats found by up to 97%, helping users prioritize the remediation of the 3% of threats that are actually exploitable. Some of our users have already installed ThreatMapper on Kubernetes clusters across 2,500 Kubernetes nodes, around 20,000 pods and up to 50,000 containers, gaining critical security observability into their risk posture and ensuring the ability to respond to threats in runtime.

We also integrated our groundbreaking open-source Rust library, eBPFGuard, into our cutting-edge commercial solution for threat detection and mitigation, ThreatStryker.

Announcing ThreatRx 

As cloud environments grow increasingly complex, ensuring their security becomes more challenging than ever before. We are excited to announce our latest game-changer: AI-assisted remediation via a new feature called ThreatRx for cloud misconfiguration issues and vulnerabilities.

Recognizing the critical importance of remediation, we've integrated cutting-edge Large Language Models (LLMs) into ThreatMapper’s Cloud Security Posture Management (CSPM) feature set via ThreatRx. What does this mean for you? It means that when a misconfiguration is identified and alerted on, Deepfence doesn't just stop at detection. We provide you with actionable, AI-driven remediation suggestions. Not only are they actionable suggestions, but remediation results are presented via different technology instrumentation methodologies such as CLI, Terraform, Pulumi, etc. Think of it as having a virtual security expert at your disposal, ready to guide you step-by-step through the remediation process and present the exact code snippet you need to implement it in whatever technology layer you choose.

The best part is that the feature is available within Deepfence’s Open Source CNAPP, ThreatMapper, and we are extending its capabilities into the runtime workload protection space with integration into ThreatStryker. 

Other Exciting Product News:

  • SOC 2 Certification - Deepfence successfully completed the System and Organization Controls (SOC) 2 Type 2 attestation for Security and passed a third-party audit. We are proud to meet this milestone as we continue to invest in our architecture and security. 
  • AWS Marketplace - You can now experience the power of Deepfence ThreatStryker on the AWS Marketplace as it uncovers every active container, process, and host, delivering a dynamic, color-coded, interactive topology. 

As we step into the future, Deepfence remains committed to democratizing security, empowering organizations with cutting-edge, open-source tools, and pioneering solutions that redefine the boundaries of cloud security. Thank you for being part of our journey, and here's to a secure and transformative 2024!