Deepfactor is now part of Cisco.
Deepfactor's Application Security Platform will no longer be offered for sale or renewal effective September 20, 2024.

QuickStart Guide

Overview of Deepfactor

Deepfactor Application Security is a new approach to AppSec that combines SBOM (Software Bill of Materials), SCA (Software Composition Analysis), and Runtime Security into a powerful integrated platform. AppSec and Engineering teams use Deepfactor to achieve one or more of the following objectives:

  1. SBOM: Generate SBOMs to secure your supply chain and comply with U.S. Executive Order 14028.
  2. SCA: Scan containers/dependencies for CVEs and gate builds and pull requests.
  3. Runtime SCA: Burn down mountains of CVE debt quickly and intelligently by correlating SCA scan results with runtime analysis to prioritize CVEs that are used and remove packages that aren’t used.
  4. Runtime Analysis During Dev & Test: Identify unknown vulnerabilities in custom and third-party code that SAST and SCA tools cannot identify, by analyzing running applications in dev and test environments.
  5. Runtime Security In Production: Detect insecure filesystem, network, and memory behaviors in production environments in order to meet SOC2 and other compliance requirements.

Quickstart Guide

This section is a quick start guide to scanning and running your applications with Deepfactor.

Install Deepfactor CLI

Run the following command on a supported Linux distribution to install dfctl:

curl https://repo.deepfactor.io/install-dfctl.sh | sh --

Export your Deepfactor run token. You can get this from the Deepfactor UI by clicking on the Start button.

export DF_RUN_TOKEN=YOUR_DF_RUN_TOKEN

Scan container images for vulnerabilities

Run the following command to scan your image with Deepfactor:

dfctl scan IMAGE_PATH

where

IMAGE_PATH is the path of your image. You can find the list of languages and package manifest files Deepfactor scanner supports in the support matrix document.

Note: The above command assumes that you can pull the image onto the machine you are running this command from. If you would like to specify credentials for your private registry, please follow the steps mentioned in this article.

Scan filesystem for vulnerabilities

Run the following command to scan a filesystem directory with Deepfactor:

dfctl scan -s fs -a "APP_NAME" -c "COMPONENT_NAME" --version \
"VERSION" FILE_SYSTEM_DIRECTORY_PATH

where

APP_NAME is the name of your application. You can provide any name of your choice.

COMPONENT_NAME is the name of the component/microservice. You can provide any name of your choice.

VERSION is the version of the component you are scanning. For example, 1.0.1.

FILE_SYSTEM_DIRECTORY_PATH is the path of your directory which has the source code/package manifest files. You can find the list of languages and package manifest files Deepfactor scanner supports in the support matrix document.

Generate SBOM for your container images

Run the following command to generate an SBOM for your image with Deepfactor:

dfctl scan -f cyclonedx,spdx -O OUTPUT_FILENAME IMAGE_PATH

where

OUTPUT_FILENAME is the name of the file in which you want the SBOM to be stored. You do not need to specify the extension. Deepfactor will automatically add the extension based on the format.

IMAGE_PATH is the path of your image. You can find the list of languages and package manifest files Deepfactor scanner supports in the support matrix document.

Note:

  1. The above command assumes that you can pull the image onto the machine you are running this command from. If you would like to specify credentials for your private registry, please follow the steps mentioned in this article.
  2. The above command specifies the cyclonedx and spdx formats. You can find the full list of formats/options in the CLI reference document.

You can also generate an SBOM for your filesystems by specifying the -f and -O options.
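One way to put the generated SBOM to work is to diff the SBOMs of two builds of the same image, so that new, removed, and re-versioned packages are reviewed before release. The following is an added example, not Deepfactor code; it assumes the CycloneDX output is in the JSON encoding, and the two sample documents are constructed for illustration.

```python
import json

def identity(comp):
    """Package identity: purl without version/qualifiers, else type/name."""
    purl = comp.get("purl", "").split("?")[0].split("#")[0]
    if not purl:
        return f'{comp.get("type", "unknown")}/{comp.get("name", "")}'
    at = purl.rfind("@")
    # Only strip a trailing @version, not an '@' inside a scoped namespace.
    return purl[:at] if at > purl.rfind("/") else purl

def load_components(text):
    """Map identity -> version for every component in a CycloneDX JSON SBOM."""
    bom = json.loads(text)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX JSON document")
    return {identity(c): c.get("version") for c in bom.get("components", [])}

def diff_sboms(old_text, new_text):
    """Compare the SBOMs of two builds of the same image."""
    old, new = load_components(old_text), load_components(new_text)
    return {
        "added": sorted(k for k in new if k not in old),
        "removed": sorted(k for k in old if k not in new),
        "changed": sorted((k, old[k], new[k]) for k in new
                          if k in old and old[k] != new[k]),
        # A component with no version cannot be matched to vulnerable ranges.
        "unversioned": sorted(k for k, v in new.items() if not v),
    }

def _bom(*components):
    return json.dumps({"bomFormat": "CycloneDX", "specVersion": "1.4",
                       "components": list(components)})

def _lib(name, version, purl):
    return {"type": "library", "name": name, "version": version, "purl": purl}

# Constructed sample SBOMs (not real dfctl output).
OLD_SBOM = _bom(_lib("openssl", "3.0.2", "pkg:deb/ubuntu/openssl@3.0.2"),
                _lib("lodash", "4.17.20", "pkg:npm/lodash@4.17.20"),
                _lib("left-pad", "1.3.0", "pkg:npm/left-pad@1.3.0"))
NEW_SBOM = _bom(_lib("openssl", "3.0.2", "pkg:deb/ubuntu/openssl@3.0.2?arch=amd64"),
                _lib("lodash", "4.17.21", "pkg:npm/lodash@4.17.21"),
                _lib("express", "4.18.2", "pkg:npm/express@4.18.2"),
                {"type": "file", "name": "app-config"})

if __name__ == "__main__":
    for section, items in diff_sboms(OLD_SBOM, NEW_SBOM).items():
        print(section, items)
```

To run it on real output, pass the contents of the two SBOM files written by the -O option to diff_sboms in place of the sample strings.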

 

Analyze running containers for insecure behaviors

Run the following command to analyze your running container instances for insecure behaviors with Deepfactor.

dfctl run -a "APP_NAME" -c "COMPONENT_NAME" --version \
"VERSION" -v --docker-run DOCKER_RUN_OPTIONS --image IMAGE

where

APP_NAME is the name of your application. You can provide any name of your choice.

COMPONENT_NAME is the name of the component/microservice. You can provide any name of your choice.

VERSION is the version of the component you are scanning. For example, 1.0.1.

DOCKER_RUN_OPTIONS are the options you would provide to your original docker run command.

IMAGE is the path of the image which you want to run.

Your container will now run along with the Deepfactor interception library, which will collect telemetry and send it to the Deepfactor portal. At the portal, telemetry will be analyzed for insecure behaviors in accordance with the alert policy. For the full list of options, refer to the CLI reference document.

Example:

dfctl run -a "OWASP" -c "juice-shop" --version "1.1.1" \
-v --docker-run -p 5250:3000 --image bkimminich/juice-shop

Analyze non-containerized applications for insecure behaviors

Run the following command to analyze a non-containerized application with Deepfactor:

dfctl run -a "APP_NAME" -c "COMPONENT_NAME" --version \
"VERSION" -v --cmd COMMAND_WITH_ARGUMENTS

where

APP_NAME is the name of your application. You can provide any name of your choice.

COMPONENT_NAME is the name of the component/microservice. You can provide any name of your choice.

VERSION is the version of the component you are scanning. For example, 1.0.1.

COMMAND_WITH_ARGUMENTS is the full command along with arguments you use to launch your component. Please note this should be the last argument of the dfctl run command. For example: /usr/bin/java -jar MyApp.jar

Your application will now run along with the Deepfactor interception library, which will collect telemetry and send it to the Deepfactor portal. At the portal, telemetry will be analyzed for insecure behaviors in accordance with the alert policy. For the full list of options, refer to the CLI reference document.

Analyze Kubernetes workloads for insecure behaviors & scan images

Deepfactor provides helm charts that install a mutating admission webhook and one or more scan pods in your K8s cluster. Deepfactor can automatically scan container images used by pods in your K8s cluster and also observe running containers for runtime security vulnerabilities. Deepfactor can also correlate the results of the two. Refer to the following document to install Deepfactor K8s webhook.

Install Deepfactor helm charts

 

Updated on February 14, 2024