February 2, 2022

Now Available: Deepfactor v2.2

Andrew Horrigan, Technical Product Marketing, Deepfactor

Deepfactor 2.2 enhancements include support for BYO-Certificates, detailed Python stack traces, and robust injection of Deepfactor runtime observability!

Given the fast-paced nature of development at a software startup, it’s always important to pause – take a deeeeep breath – and 1) acknowledge your many accomplishments … and 2) recognize where “growing pains” might be preventing maximum and ongoing success. This is especially true with security software where stability, operational simplicity, and accuracy are of the utmost importance for protecting customers’ applications!

With the release of Deepfactor 2.2, our goal is to be hyper-focused on deploying a seamless developer experience for observing cloud native applications running in Kubernetes. From providing Helm Charts to ease the installation of our portal and mutating webhook, to ensuring our instrumentation performs robust compatibility checks, to adding stack trace support for Python, our efforts are concentrated on reducing operational overhead, simplifying the user experience, and maximizing time to value! Each new feature, and every minor refinement, aimed to improve the end-to-end experience for your developers.

 

Continue reading after the matrix to learn more about the latest version of Deepfactor!

 

Features Enhancements
Core Platform
  1. Support for Helm Chart installation of the DeepFactor portal and Mutating Admission Webhook
  2. Support for “Bring-Your-Own-Certificate”
  3. Improved Instrumentation – Details Below!
  • Configurable Scan Port for DAST
  • Displays pod and namespace for observed K8s workloads
Insights
  • New! Python Language Specific Agent reports augments runtime alerts with stack traces
  • New Alert! Applications making inbound/outbound connections to IP addresses not on the CIDR allow-list
  • New Alert! Process running w/ elevated privileges
  • Displays telemetry (i.e. event data) for each alert occurrence to better understand application behavior at the time of observation
  • Warns user when DeepFactor detects mixed libc environments in runtime
Integrations
  • Synopsys Black Duck Integration now reports License Information and vulnerability information for Python dependencies

 

Streamlined UX Enhancements – New Dashboards!

2022-02-01_22-23-05

 

Improved Instrumentation

With our latest release, our mutating webhook received some major updates to ensure near zero-touch instrumentation of customer applications. Without requiring intrusive agents or privileged sidecars, our mutating webhook can automatically insert a language-agnostic library into Kubernetes applications to observe every thread, process, container, and pod. And with our latest changes, our mutating webhook supports:

  • Robust pre-flight checks ensure the successful deployment of the application regardless of instrumentation status
  • Mixed containers running processes linked with different types of libc
  • Automatic configuration of the necessary environment variables (i.e. setting of LD_PRELOAD) based on the container’s entrypoint

In addition, we’re excited to announce the Tech Preview of Namespace Instrumentation which can instrument pods in a namespace with and without pod annotations. This can be enabled per namespace configured in the webhook override.yaml config or per pod based on annotations.

 

Python Language Specific Agent

Deepfactor provides a Python LSA that can be used to deliver stack trace information for many alerts displayed in the Deepfactor Portal. This agent can be injected by passing the “-l python” option to the dfctl run command.

Example: dfctl run -a "my application" -c "my component" --version "111" -v -l "python" --cmd python3 myapp.py

DeepFactor provides a Python LSA that can be used to provide stack trace information for the many runtime lalerts discovered in developer code.

 

Visit our Release Notes for more information about our latest releases. And, as always, for those interested in learning more about Deepfactor and the improvements introduced in v2.2, you can request a demo.

 

 


Deepfactor is a developer security platform that enables engineering teams to quickly discover and resolve security vulnerabilities, supply chain risks, and compliance violations early in development and testing. Requiring no code changes, the Deepfactor runtime observability technology seamlessly plugs into cloud native architectures, enabling developers to identify, prioritize, and remediate application risks. The platform integrates into developers’ existing toolchains to deliver application-aware security insights with detailed information about application behavior, system calls, and stack traces that help pinpoint vulnerable code. Deepfactor simplifies and accelerates DevSecOps by empowering engineering teams to develop secure and compliant cloud native applications.

Subscribe to our monthly eNewsletter and stay up-to-date on everything Deepfactor has to offer!