We’re excited to announce today that ThreatMapper is now 100% open source under the Apache 2.0 license! If you’re not familiar with ThreatMapper, it’s a cloud native security observability platform that scans, maps, and ranks vulnerabilities from development through production across serverless, Kubernetes, container, and multi-cloud environments.
Because modern applications and services rely heavily on shared, open source components, securing them is best done as a collaborative, community effort. By open sourcing ThreatMapper, we aim to help developers, DevOps, DevSecOps, and security teams identify and prioritize threats quickly and easily, and focus their efforts on the vulnerabilities that need to be fixed first.
When we initially launched ThreatMapper, we first made it available as a freemium edition and worked closely with dozens of early adopters to evolve it into the robust cloud native security platform that it is today. By working alongside security professionals securing modern application environments, not only were we able to build out a rich set of features and capabilities that solve real-world challenges, but we were also able to see ThreatMapper make a tangible impact on security teams.
To say that it’s challenging to keep on top of software vulnerabilities is a huge understatement. ThreatMapper, however, has eased the burden not only of scanning for the myriad vulnerabilities out there, but also of figuring out which vulnerabilities demand the most and most-immediate attention. We had ThreatMapper up and running in a matter of minutes, and we have been able to shift our time to other tasks, knowing that ThreatMapper is on patrol.
-- Mehul Patel, Director Security & Infrastructure at Amyris
Benefits of Using ThreatMapper
Here are just some of the benefits you get by using ThreatMapper to secure your applications and infrastructure:
- See the topology of your applications and infrastructure: ThreatMapper auto-discovers your production infrastructure – including cloud instances, Kubernetes nodes, serverless resources, and containers – and maps the topology of your applications in real time.
- Discover vulnerabilities, including fresh vulnerabilities in production that were not known at build or deploy time: ThreatMapper scans hosts, containers, and applications for known vulnerable dependencies, taking threat feeds from more than 50 different sources. ThreatMapper augments any “shift left” vulnerability scanning you may do in your development pipeline, and scans third-party components such as monitoring and load-balancing tools.
- Rank vulnerabilities by attack surface: ThreatMapper ranks the discovered vulnerabilities based on CVSS and other severity signals, as well as their exploit method and proximity to your external attack surface. With ThreatMapper, you know what vulnerabilities pose the greatest threats, and what you must fix first.
ThreatMapper is a fully open source platform that makes it easy to scan for vulnerabilities and build a map of threats across multiple clouds and application types. ThreatStryker (our commercial offering) extends ThreatMapper with compliance scanning, runtime sensors, and a correlation and protection engine.
Our intent is to migrate all security and observability capabilities, including compliance scanning and runtime sensors, into the open source ThreatMapper platform. ThreatMapper will make all threat and runtime data available through public APIs, for dashboards, SIEM and other external applications to consume.
ThreatStryker is to be refactored as a standalone application that consumes vulnerability and telemetry data from the ThreatMapper platform using the public APIs, and provides run-time attack analysis and protection. Stay up-to-date on the ThreatMapper roadmap on GitHub.
Summary & What’s Next?
Thank you to everyone who helped us on our journey so far to make ThreatMapper the robust open source security tool that we’re announcing today. We’re so grateful for the many design partners, customers, security professionals, advisors, and members of the Deepfence team (the Deepforce!) who helped us achieve this amazing milestone.
While open sourcing ThreatMapper was always on our roadmap -- today is only the beginning! We’ll continue to build and release new features on our mission to protect the cloud native continuum.