Contextual Security

Deepfence's solution seamlessly integrates cloud, application, and network context to provide unparalleled visibility into your environment. Identify malicious activities and threats in real-time by monitoring network traffic to and from applications and hosts, as well as on-host events such as file system, process, and system call changes. Our approach delivers the broadest range of signals and telemetry.

How It Works

Deepfence Provides Contextual Security

Deepfence's trailblazing agent harnesses the power of eBPF filters to deliver unparalleled security observability across your entire environment. Our intelligent system captures, filters, and analyzes network traffic with pinpoint accuracy, scanning for anomalies and threats in real-time. Upon detecting suspicious activities, we securely archive the data for in-depth analysis and forensics. Trust Deepfence to safeguard your digital assets and maintain a resilient defense against emerging threats.

Cloud Context

Deepfence's CNAPP offers unparalleled cloud context by continuously monitoring your cloud infrastructure, identifying misconfigurations, and detecting unauthorized access. By maintaining comprehensive visibility into your cloud environment, Deepfence enables you to proactively address vulnerabilities and strengthen your security posture.

Network Context

Deepfence's CNAPP excels in providing network context by capturing and analyzing network traffic between hosts and applications in real-time. This comprehensive approach identifies anomalous activities, malicious patterns, and potential threats, empowering you to safeguard your network and respond effectively to emerging risks.

Application Context

Deepfence's CNAPP delivers in-depth application context by monitoring application-level events, processes, and system calls. This detailed visibility allows you to detect unauthorized actions, maintain application integrity, and swiftly respond to potential threats, ensuring the utmost protection for your critical applications.

eBPF agents offer unparalleled versatility and address a wide range of use cases, from network monitoring and observability to policy enforcement and application security. Their high-performance, lightweight nature ensures minimal impact on your infrastructure, enabling seamless integration and real-time threat detection.

Key Benefits of Deepfence's Security Observability

Capture network traffic to identify additional attack signals and anomalies

Fine-tune capture targets to minimize load and noise

See encrypted and/or plain text traffic and take action realtime

Supported Platforms

Agents support a wide range of deployment options


Agents are deployed as a daemonset, a common pattern for log, metrics, monitoring, and security services that run alongside Kubernetes workloads in a non-intrusive manner.


Agents are deployed as a Docker container on each Docker host.

Bare metal and VM-based platforms

Agents are deployed as a Docker container on each operating system instance, using a Docker runtime. Both Windows and Linux instances are supported.


Deepfence supports AWS Fargate, where agents are deployed as a daemon service alongside each serverless instance.


Contextual Security