See a Demonstration of DeepFactor 2.0 at KubeCon + CloudNativeCon (#SU50)
October 13th, 2021 – Los Angeles, CA – DeepFactor™, the leader in Continuous Application Security Testing (CAST), today announced DeepFactor 2.0, which introduces a new, microservices-based architecture for the next-generation application security, compliance, and supply chain solution. DeepFactor can now be deployed to any Kubernetes cluster, observing cloud-native applications during any stage of the software development lifecycle (SDLC).
According to the Gartner® report 12 Things to Get Right for Successful DevSecOps, “The lesson is clear — don’t force information security’s old, heavyweight, checkpoint-focused processes on DevOps developers,” wrote Dale Gardner, Sr. Director Analyst, Gartner. “Instead, integrate continuous security assurance seamlessly throughout the continuous integration/continuous deployment (CI/CD) toolchain and processes.”
In this cloud-native world, costly data breaches, pervasive supply chain attacks, and expanding compliance requirements make it critical that businesses adopt a DevSecOps approach, enabling them to reduce risks before they ship code. DeepFactor analyzes modern applications for security vulnerabilities, supply chain risks, and compliance violations using a combination of dynamic application security testing (DAST), interactive application security testing (IAST), and software composition analysis (SCA) technology.
“This release marks a major milestone for DeepFactor,” said Kiran Kamity, CEO and Founder, DeepFactor. “Whether the customer is years into an application modernization effort or is just starting to explore the promise of cloud-native development practices, DeepFactor is purpose-built to be seamlessly deployed and integrated directly into the customer’s development environment, right alongside where the application is being developed and tested.”
By observing the running application in the development environment, DeepFactor provides a prioritized and actionable list of security vulnerabilities, dependencies, and remediation steps based on what the application actually does, reducing the volume of alerts and accelerating the pace of development.
“Ultimately, our goal is to provide developers with comprehensive, prioritized and actionable insights throughout the software development lifecycle,” said Mike Larkin, CTO and Founder, DeepFactor. “In our opinion, DevSecOps means the developer should never need to leave the CI/CD pipeline to understand the security and behavior risks of an application. By aligning our deployment model with how modern software is being developed and tested, DeepFactor 2.0 will help reduce any friction between engineering and security teams as they move forward with adopting modern AppSec.”
DeepFactor 2.0 is available immediately for deployment on Amazon Web Services (EKS, Fargate, EC2), Microsoft Azure (AKS), Google Cloud (GKE, GCE), VMware (Tanzu, MicroK8s), or anywhere Kubernetes is supported.
- DeepFactor Sandbox: Start playing with DeepFactor in our Live Sandbox, where users are provided a real-time environment with monitored applications.
- DeepFactor Brochure: Review our Brochure for the latest information on the industry’s first Continuous Application Security Testing solution.
- Blog: Read the new blog “How and Why We Used Kubernetes for DeepFactor 2.0.”
Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the US and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
DeepFactor analyzes modern applications for security vulnerabilities, supply chain risks, and compliance violations using a combination of dynamic application security testing (DAST), interactive application security testing (IAST), and software composition analysis (SCA) technology during the CI/CD build and test phases of the software development lifecycle (SDLC). By observing the running application in the development environment, DeepFactor provides a prioritized and actionable list of security vulnerabilities, dependencies, and remediation steps based on what the application actually does, reducing the volume of alerts and accelerating the pace of development. For more information, visit www.DeepFactor.io and follow us on LinkedIn and Twitter.
DeepFactor is a registered trademark of DeepFactor, Inc. All other product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.