Two of the core values of the Deepfactor developer security platform are simple and automated cloud native instrumentation and deep insights into application risks. Deepfactor v2.3 introduces several enhancements to further improve the platform’s ability to deliver on these values.
Most notably, the Deepfactor Mutating Admission Controller for Kubernetes has been enhanced to automatically instrument every application container within a given namespace, drastically improving time-to-insights for a given application. In addition, Deepfactor v2.3 extends dependencies insights to cover license-related applications risks such as outdated OS distributions that are End-of-Life (EOL) or disallowed licenses being used as an application dependency.
Continue reading after the matrix to learn more about the latest version of Deepfactor!
Key Features Added
- Namespace Instrumentation: Users can now seamlessly instrument entire namespaces without manual configuration changes. Read how to enable this for your cluster here.
- License Alert: Deepfactor can now be configured to alert on the various licensing types being used by your dependencies. This is important for catching and mitigating license risks, an essential requirement for software compliance. (See the screenshot below)
- Enhanced Deepfactor Dashboard:
- Noise Reduction in K8s Environments: The Deepfactor Runtime Library has been tuned to no longer observe liveness, readiness probes and any process executed inside a container using kubectl exec or docker exec command. This helps reduce noise and enables developers to focus only on the insights discovered for their application.
- Performance Improvements: Introduced improved backend queries and frontend caching to increase responsiveness in the Deepfactor Portal.
Visit our Release Notes for more information about our latest releases. And, as always, for those interested in learning more about Deepfactor and the improvements introduced in v2.3, you can request a demo.
Deepfactor is a developer security platform that enables engineering teams to quickly discover and resolve security vulnerabilities, supply chain risks, and compliance violations early in development and testing. Requiring no code changes, the Deepfactor runtime observability technology seamlessly plugs into cloud native architectures, enabling developers to identify, prioritize, and remediate application risks. The platform integrates into developers’ existing toolchains to deliver application-aware security insights with detailed information about application behavior, system calls, and stack traces that help pinpoint vulnerable code. Deepfactor simplifies and accelerates DevSecOps by empowering engineering teams to develop secure and compliant cloud native applications.