Highlights
- Since the release of the first open source, the ThreatMapper project now has over 1,000 stars on GitHub and tens of thousands of pull requests from DockerHub.
- The primary objective of ThreatMapper 1.2.0 is to allow DevSecOps professionals to detect key security vulnerabilities that need to be addressed on a priority.
Security observability platform Deepfence announced the release of ThreatMapper 1.2.0 and a slew of updates to it. ThreatMapper is an open-source tool that helps find and rank software vulnerabilities.
ThreatMapper 1.2.0 adds several in-demand features, including an improved Attack Path Visualization, with a more sophisticated and representative calculation of the Most Exploitable Vulnerabilities, support for discovering and scanning AWS Fargate workloads for vulnerabilities, ARM support, and support for integration with Google Chronicle. Deepfence has also added several community-inspired performance improvements and bugfixes, including some extra support for containers hosted workloads and Kubernetes, better report generation, better registry scanning and UI related enhancements.
Since the release of the first open source, the ThreatMapper project now has over 1,000 stars on GitHub and tens of thousands of pull requests from DockerHub. The project has been playing a major role in assisting users with the onerous task of detecting vulnerable components, including Log4j instances, in the working applications.
Purpose
The primary objective of ThreatMapper 1.2.0 is to allow DevSecOps professionals to detect key security vulnerabilities that need to be addressed on a priority as they present the greatest risk to the security of the organization’s production applications. The platform also simplifies this task with its new Attack Path Virtualization.
Countering challenges
While it’s easy to identify potentially-exploitable vulnerabilities with directly-connected internet-facing services, it’s more difficult to find vulnerable services that are further downstream, behind proxies and exposed indirectly to potentially malicious traffic on the internet. However, ThreatMapper, which monitors network traffic across multiple hops, can find these hidden attack paths by correlating vulnerabilities with network traffic continuously.
Furthermore, the security platform has also added other features such as full support for AWS Fargate workloads; for ARM which unlocks IoT and Edge use cases; for Google Chronicle, as well as wider support for containers and Kubernetes platforms. With the addition of new layers of support, Deepfence continues to make major enhancements to vulnerability scans. At the same time, it continues to increase speed for the more complex scans needed to identify today’s most sophisticated security threats.
Expert view
“We’re excited to bring these new features to ThreatMapper and provide our growing community of open source users with the tools they need to keep their organizations safe in the face of continuous and sophisticated security threats,” said Owen Garrett, Head of Products and Community at Deepfence.
“By making it easier to scan and identify critical vulnerabilities both pre- and-post-deployment, the ThreatMapper project is quickly becoming essential software for securing the software supply chain and identifying vulnerabilities in production. By open sourcing and adding new features to ThreatMapper, Deepfence remains committed to building the best solution possible for the benefit of all industries.”