DeepFactor v1.8 is here!

Vikas Wadhvani, Product Manager
Post Banner

Version 1.8 of the DeepFactor portal is now available. We've added exciting new features and enhanced our existing continuous AppSec observability capabilities to give you comprehensive visibility of your applications. 

  Features Enhancements
Core Platform
  • Support for deploying DeepFactor on EKS
  • Download BOM as CSV & PDF

  • Hybrid libc containers support

  • Support for Kubernetes 1.19

  • Specify environment when launching an application with DeepFactor

  • Fail fast: dfctl run performs supported OS checks

  • Support for fat jars

Insights
  • API Security Module

  • Listening Ports table in BOM

  • Alert Policy for Interpreted Languages

  • New alert added for rate of DNS requests

  • Java Language specific agent

  • Whitelist geo for network connections

  • Alert Triaging Flow Improvements

Integrations
  • Jira Server

 

KEY FEATURES ADDED

Screenshot 2021-07-12 version 1.8.1

  1. Deploy DF Portal in EKS: DeepFactor portal can now be deployed in your Kubernetes cluster in EKS. The portal deployed in the Kubernetes cluster lets you run multiple OWASP ZAP scan simultaneously.

  2. Jira Server Integration: While we have had Jira Cloud integration for a few months now, in this release, we also added support for Jira Server (on-premises) integration. Once you complete the OAuth flow for integration, you can raise Jira tickets right from the DeepFactor Portal UI.

  3. Java Language-Specific Agent (LSA): While DeepFactor injects itself into the running application in a language-agnostic way, we build language-specific agents that help us derive more information for the specific languages. Our Java LSA is used to show you the usage of your Java dependencies and also stack traces for the alerts found. You can enable this by specifying the language option (-l or --lang) in the dfctl run command.

  4. API Security Module: We added another module of insight called API Security. You can launch API scans by supplying your OpenAPI specification and see the results of the scan under this module.

  5. Specify Environment: You can now specify the environment you are running your application in (example: QA, staging, etc.) using the --env option of the dfctl run command. For the Kubernetes webhook, we now expose a new annotation to accept the environment option.

  6. Download BOM & Alerts as CSV and PDF: We added the capability to download alerts and BOM as CSV and PDF. You can now easily share these with your teammates or your AppSec compliance teams.

  7. List of Listening Ports: We added another category under SBOM called Network. Within Network, you will see a list of ports your application is listening on and also the list of outgoing connections your application is making. This gives you good visibility into your network attack surface area.

  8. New Alerts - Rate of DNS requests: With the 1.8 release, you can set the threshold for rate of DNS request and get alerted when the threshold is exceeded by your application.

KEY ENHANCEMENTS

billions of telemetry events-1

  1. Fat Jars: DeepFactor will now unfurl the fat jars and report dependencies within the fat jar as well. This will ensure you see the full list of your dependencies and vulnerabilities associated with them.

  2. Fail Fast: DeepFactor CLI (dfctl), as well as our mutating webhook for Kubernetes deployment, now checks for supported distros and versions before launching applications with Deepfactor runtime intercepts. You can disable these checks by passing the -f option, but we strongly recommend against it.

  3. Alert Improvements:
    1. Attempt to connect to IP address not previously resolved: We will now also report the FQDN, service name, and protocol with which the connection was attempted.
    2. Capability to whitelist geo for network connections. We earlier only supported blacklist.

  4. Alert Policy for Interpreted Languages: A new alert policy for interpreted languages has been added which is tailored for applications written in Java, Python, and other interpreted languages.

  5. Alert Triaging Flow Improvements: You can now select multiple alert occurrences and move them to ‘Not an issue.’ You can also optionally add a comment to document the reason for marking these occurrences as ‘Not an Issue’.

  6. Hybrid Containers Support: If your application uses a packaged glibc in an alpine container that uses musl libc, you need to specify additional options. You can read more about this in the following Knowledge Base article: Hybrid libc environments.

  7. Support for Kubernetes 1.19: DeepFactor’s mutating admission webhook controller can now be installed on K8s clusters running the 1.19 version as well.

Visit our Release Notes for more information about our latest releases.


DeepFactor is the industry’s first Continuous Observability platform enabling Engineering and AppSec teams to find and triage RUNTIME security, privacy, and compliance risks in your applicationsincluding 3rd party componentswithin the DevOps pipeline. With zero code changes, DeepFactor automatically observes billions of live telemetry events in every thread/process/container to detect anomalies during test, staging, and production. Deep Insights cover system call risks, data risks, behavior risks, DAST scans, a software bill of materials (SBOM), and vulnerable dependencies to create high-fidelity alerts with actionable evidence. Reduce MTTR, accelerate release velocity, and ‘start left’ to create and maintain secure and compliant apps. PLAY IN OUR SANDBOX DEMO ENVIRONMENT

Subscribe to our monthly eNewsletter and stay up-to-date on everything DeepFactor has to offer!

SIGN UP