When the showcase floor opened at KubeCon, a visitor walked up and said “What is ‘Continuous AppSec’ anyway?”
Just over 600 days before our booth’s opening inquiry last week at KubeCon + CloudNativeCon 2021, I was attending my last in-person event at Cisco Live EMEA in January 2020. In the months since, our industry continues to rapidly evolve, with the impact of COVID-19 forcing many enterprises to (re)consider significant, transformational changes to capitalize on the many benefits of cloud-native technologies.
It was against this backdrop that DeepFactor launched from stealth in September 2020 with the promise of revolutionizing application security. DeepFactor recognized a critical requirement for developers and application security teams to secure applications at the source - themes that would continue to influence messaging and key takeaways heading into KubeCon + CloudNativeCon 2021. Security remains one of the number one challenges for enterprises to tackle during digital transformation.
More importantly, KubeCon + CloudNativeCon 2021 was actually the first time our “remote-first” company was given a chance to truly meetup in person - particularly since doubling in size following our Series A Funding Announcement in September. Needless to say, we seized the opportunity to share drinks, laughs, and just a little bit of planning as we embarked on the next important stage of our journey …
… answering questions at our booth in the Sponsor Showcase!
So, back to: “What is ‘Continuous AppSec anyways?”
That’s a great question. By using a combination of dynamic application security testing (DAST), next-generation interactive application security testing (IAST), and software composition analysis (SCA) technology, DeepFactor is the industry’s first unified AppSec solution that continuously observes running applications for security vulnerabilities, supply chain risks, and compliance violations, directly within the CI/CD pipeline.
“But why does runtime observability matter?”
Another excellent question. Runtime observability enables DeepFactor to provide engineering teams with a prioritized and actionable list of security vulnerabilities, dependencies, and remediation steps based on what the application actually does, reducing the volume of alerts and accelerating the pace of development. Rather than introduce yet another noisy and “disconnected” tool into your pipeline, DeepFactor is purpose-built to drive the adoption of DevSecOps for cloud-native technologies and development practices.
“Okay … well, what’s new and exciting for DeepFactor?”
Thanks for the change up. We’ve got 2 exciting things to share coming out of KubeCon:
- DeepFactor is absolutely thrilled to have joined the CNCF the CNCF as a Silver Member! To echo Priyanka Sharma, general manager of the Cloud Native Computing Foundation, “We look forward to working together as we usher in the next era of cloud native.” While DeepFactor is already free for open source projects for open source projects, we’re hoping to contribute back even more to the community in the coming months!
- On October 13th, 2021, we announced the general-availability of DeepFactor 2.0, introducing a new, microservices-based installation and architecture for our next-generation application security, compliance, and supply chain solution. DeepFactor can now be deployed to any Kubernetes cluster, observing cloud-native applications during any stage of the software development lifecycle (SDLC). DeepFactor 2.0 is available immediately for deployment on Amazon Web Services (EKS, Fargate, EC2), Microsoft Azure (AKS), Google Cloud (GKE, GCE), VMware (Tanzu, MicroK8s), or anywhere Kubernetes is supported.
Although KubeCon + CloudNativeCon 2021 has come to a close, we’re excited to continue these interactions with our customers both online and in-person. In the meantime, consider visiting our website for more information:
- DeepFactor Sandbox: Start playing with DeepFactor in our Live Sandbox, where you are provided a real-time environment with monitored applications.
- DeepFactor Brochure: Review our Brochure for the latest information on the industry’s first Continuous Application Security Testing solution.
- Blog: Read the new blog “How and Why We Used Kubernetes for DeepFactor 2.0.”
And, as always, please contact us if you would like to learn more about DeepFactor.