Unleashing ThreatStryker: A New Dawn for Cloud Security

August 3, 2023

The world of cloud security is evolving at a dizzying pace. As cyber threats grow more complex and cunning, our defenses must adapt and overcome them. That's where Deepfence comes in. We're excited to announce the General Availability of ThreatStryker, a ground-breaking Enterprise offering built on top of our widely embraced open-source Cloud Native Application Protection Platform (CNAPP), ThreatMapper. ThreatMapper has shown tremendous momentum in the market: Deepfence’s open-source product portfolio has amassed over 10,000 GitHub stars, and ThreatMapper is used by 3,000 enterprises worldwide. Deepfence now extends the security and risk prioritization feature sets of the open-source platform with real-time threat detection and response capabilities purpose-built for cloud-native environments. Enterprises can now focus on the 3% of alerts that truly matter and ensure they can respond to and remediate these threats in a timely manner, radically altering how companies approach maintaining their security posture in the cloud!

Transforming Cloud Security Economics

Deepfence is not just a pioneer but a radical disruptor in the cloud security industry. We take a stand on an often-overlooked principle: visibility into the security posture of your organization's internal attack surface shouldn't be a prohibitively expensive luxury. Instead, we assert that it is a fundamental right, an essential cornerstone for every enterprise striving to secure its digital frontier. As our CEO, Sandeep Lahane, firmly states, "Companies shouldn’t have to pay to know what the security posture of their internal attack surface looks like."

But what does this open-source-first strategy truly mean? It represents a paradigm shift in how we perceive and manage cloud security. An open-source approach allows for transparent, collaborative, and community-driven security. This means that even emerging startups with limited resources can avail themselves of the same level of security capabilities as global giants.

Take for instance ThreatMapper, our open-source CNAPP. It has empowered thousands of organizations to better understand and respond to security threats, irrespective of their size or budget. By providing free access to a tool of this caliber, we have leveled the playing field, ensuring every organization can understand and address its own unique security needs.

Moreover, open-source security creates an environment of constant learning and improvement. As vulnerabilities are discovered and addressed, every participant in the ecosystem benefits. It’s a collective and continuous enhancement process that proprietary software simply can't match.

Ultimately, our open-source-first strategy is more than just a business model. It is a philosophy, a commitment to the democratization of cloud security. It champions the belief that when it comes to protecting our digital world, collaboration triumphs over competition, and transparency is the key to progress. This approach is what the world needs to confront and conquer the evolving cybersecurity challenges we all face today.

Empowering Enterprises with ThreatStryker

Our vision has always been to empower enterprises by delivering cutting-edge security solutions. ThreatStryker is the embodiment of this vision and an extension of the powerful ways in which we’ve transformed cloud security with our open-source offering. It's more than just a tool; it's a platform that uses advanced eBPFGuard technology to offer runtime protection and inline threat neutralization that stops threat actors dead in their tracks in real time.

One of ThreatStryker's standout features is its advanced user interface, designed to make identifying, mitigating, and neutralizing threats as intuitive as possible. This enables organizations to graphically visualize their diverse and hybrid infrastructure deployments at scale, reducing implementation time, and enhancing security and compliance analytics.


In the screenshot above, you can see quick security and compliance snapshots that help organizations identify the most critical risks by severity and exploitability in Deepfence’s ThreatGraph technology, which maps an internal attack surface by its vulnerabilities and the attack paths to those vulnerabilities. This creates an easy-to-comprehend, prioritized visual of an organization’s risk posture, rather than lists upon lists of thousands upon thousands of critical vulnerabilities, misconfigurations, and exposed secrets. Matt Lehman, Head of Payment Security at Amazon, applauds Deepfence's innovative approach. He observes that while there are many cloud-native security solutions, none cuts down the alert fatigue as efficiently as Deepfence, thanks to its lightweight runtime footprint.

Beyond that, once the internal attack surface is identified, organizations need to be able to identify how far a threat actor has progressed in the kill chain against that threat vector, and to neutralize in real time the threats that are actively attacking their applications and network. To help organizations operationalize their detection data and decide where to respond, Deepfence has mapped detections to the MITRE framework for precise identification of the TTPs threat actors are using to target the environment. When you couple this with Deepfence’s ThreatGraph, which highlights the attack paths, SecOps teams can quickly identify the attack vector, how far a threat actor has progressed in the kill chain, and what TTPs they’ve used, and then use that information to respond appropriately.

Lastly, ThreatStryker leverages eBPFGuard technology at scale to allow companies to neutralize threats in real time using the latest in traffic filtering technology and host-based quarantining mechanisms. The platform’s runtime protection takes advantage of the native hooks in cloud-native technologies, such as the Linux Security Module (LSM), to provide the quickest protection against threats without the overhead of traditional workload protection tools. We don’t sit in line, utilize proxies, or require traditional deep kernel hooks to provide effective protection; yet we’re able to take action against encrypted or plain text payloads across multiple protocols because of the advances in eBPF technology. At the end of the day, this means organizations are protected in real time against threats as they happen, ensuring the most effective response based on all the runtime context Deepfence has about that attack and the resources it's affecting!

Raising the Bar with ThreatMapper 2.0

In line with our open-source-first ethos, we're beyond excited to reveal the rollout of ThreatMapper 2.0. This is not just an upgrade—it's a significant leap forward. Our team has meticulously re-architected the entire platform to offer capabilities that are typically only found in high-end, proprietary enterprise solutions. The result? A platform that meets the demands of even the most significant global enterprises, all within the accessible, democratized realm of open source.

ThreatMapper 2.0 isn’t just a minor enhancement or a single-function security tool—it's an entire platform designed to offer a holistic view of an organization’s security posture. It brings the visualization, user interface, and scalability that were the highlight of ThreatStryker’s GA launch, and positions them firmly within the open-source community's reach.

Imagine having a solution at your disposal that provides complete security observability for serverless workloads, an area often overlooked in conventional security strategies. Visualize the ability to cover up to an astonishing 100,000 Kubernetes nodes or EC2 servers, offering unprecedented scale to handle complex, large-scale deployments.

These enhancements don't merely represent technological advancements but are a tangible manifestation of our commitment to equip every organization with tools previously reserved for giants like Amazon Pay or Snap. In fact, enterprises of such stature have experienced first-hand the benefits of our platform, further validating our approach and strategy.

The release of ThreatMapper 2.0 is a pivotal moment in the journey of open-source security, underscoring the potential and power of an open-source CNAPP. This update doesn't just push the boundaries of what's possible in cloud-native security; it shatters them. It's a testament to what can be achieved when the principles of accessibility, scalability, and community collaboration are at the heart of a security solution. This is a game-changer, a paradigm-shifting milestone in the evolution of cloud security. It sets a new bar for what the industry can—and should—strive for.

Recognizing the True Potential of ThreatStryker within the Enterprise

When it comes to validating the importance and impact of our work, there's no higher honor than recognition from leaders in the field. Professionals at the helm of cybersecurity in global giants like LinkedIn and PrimeVideo have provided compelling testimony for the transformative potential of Deepfence's solutions.

Atif Haque, a seasoned leader in Information Security and Engineering at LinkedIn, not only endorsed our product but labeled it as a "revolution in the cloud security industry." Such an endorsement carries weight, as LinkedIn, with its vast, complex, and hybrid cloud infrastructure, represents a challenging security landscape. For a company that handles sensitive user data at such a massive scale, a high level of trust in Deepfence’s ability to map complex attack paths and neutralize threats in real-time is a significant testament to our platform's robustness and efficiency. This endorsement underscores our approach's potency in integrating seamlessly with hybrid cloud infrastructures, further strengthening our claim of being a true enterprise-scale solution.

Mike Sabbota, Head of Security Engagements at PrimeVideo, emphasizes the value of Deepfence's focus on runtime context, a perspective that is as refreshing as it is revolutionary. He drew a powerful analogy, saying, "It's the difference between looking at a map and actually understanding the terrain." This perfectly captures the essence of our approach to security: we don't just offer a superficial overview, we provide an in-depth, nuanced understanding of application and network traffic context. This is an approach that enables organizations to filter out the noise and focus on real, immediate threats that matter. Mike's testimonial reinforces the importance of our platform in a world increasingly reliant on cloud-native solutions.

These endorsements from industry leaders bring a deeper significance to the launch of ThreatStryker and the release of ThreatMapper 2.0. They reflect the recognition of our groundbreaking approach to cloud security at the enterprise level. More importantly, they echo our belief in the potential of our solutions to transform the security landscape, reinforcing our commitment to continue innovating and pushing the boundaries of what's possible in cloud security.

Joining the Revolution

As we usher in a new era of cloud security with ThreatStryker and ThreatMapper 2.0, we invite you to join us in this journey of exploration and innovation. Visit www.deepfence.io to learn more about these transformative solutions, and be a part of the revolution the industry has been waiting for. Request a demo or join our upcoming ThreatStryker webinar for a first-hand look at the latest in cloud security.