How is Deepfactor different from traditional Application Security tools? #
Deepfactor is designed, from the ground-up, to be cloud-native first and developer first. It is also designed as an integrated platform that combines dependency & container scans (SCA), runtime SCA, runtime security insights (container security) and, software bill of materials (SBOM) into one simple and powerful tool.
With an integrated platform for detecting risks in application code, dependencies, container images and web/API interfaces, Deepfactor eliminates the need to buy multiple tools and saves engineering teams time and effort by automating the process of researching vulnerabilities and finding resolutions.
The Deepfactor cloud-native first design seamlessly plugs into docker and Kubernetes environments, and integrates all the way across the SDLC from dev, test and CI/CD to production environments.
What can Deepfactor help customers achieve? #
Organizations typically embrace Deepfactor for the following reasons:
Make Developers More Efficient
When developers are asked to fix a list of vulnerabilities in their code, it takes time for them to research the vulnerabilities, pinpoint the location of the vulnerability in their code, and figure out how to resolve the issue. Deepfactor automates that process, saving developers time they can use to improve their code or add additional features.
Avoid Release Delays
Finding vulnerabilities early in development and testing enables developers and QA teams to fix security risks before they prevent releases. Deepfactor surfaces vulnerability information immediately as developers check-in their code and start testing their applications.
Prevent breaches in production
Detecting security risks comprehensively across the various layers of a cloud-native application’s tech stack helps engineering teams get in the habit of creating secure & compliant applications by default. This significantly reduces the risk of breaches in production.
Shift Security Left
Identifying security risks during dev & test significantly reduces the chance of release delays, typically caused due to last minute surprise security findings, by your AppSec team or even your customers, towards the end of the release
Shift Compliance Left
Identifying violations to compliance frameworks such as SOC2, PCI etc, during dev & test, can help shift compliance left. This can help engineering teams stay on top of compliance and reduce release delays when compliance violations are discovered later in the stage of or after the release.
Secure The Software Supply Chain
Organizations selling software to the Federal Government are required to maintain software bill of materials. After high profile breaches that compromised software supply chains such as the SolarWinds exploit, many organizations are requiring all their vendors to provide transparency around the software’s vulnerabilities. Deepfactor helps maintain both static and dynamic SBOM and tie that into software release versions and deployment environments.
How does Deepfactor fit into the SDLC pipeline? #
Deepfactor can run during your dev, test, stage or production environments.
Where does the Deepfactor portal reside?
Deepfactor offers both SaaS & Self-Managed options. With the SaaS option (coming soon), the Deepfactor portal is hosted in the public cloud in a multi-tenant environment. The self-managed option enables enterprise customers to set up their own single-tenant Deepfactor portal in their cloud of choice or on-premises. Deepfactor today provides self-managed options for Kubernetes (Amazon EKS, Azure AKS, Google GKE, or other Kubernetes environments), AWS EC2 using CloudFormation Template, or using an .OVA (VMware).
What Types of Applications can be run with Deepfactor? #
Deepfactor’s runtime telemetry support code is provided in a shared library called libdf.so. This library is loaded into an application when it starts. The telemetry support code is written to instrument calls by an application to the underlying C runtime library (glibc or musl, based on the Linux distribution). Some types of applications do not directly use the C runtime library and thus fewer telemetry events will be collected for analysis. These include statically linked applications and applications written in Go.
Applications that have a set of capabilities registered with Linux (eg, by using the setcap(8) program) or protected by AppArmor/SELinux may not allow the Deepfactor shared library to load. In this case, no telemetry will be gathered. This also applies to applications whose setuid/setgid bit is set. This can be fixed by running the instrumented executable without this configuration; remember to re-enable such protections before deploying the application to production.
Deepfactor sets LD_PRELOAD to inject the Deepfactor runtime into your application. If you are using another tool that is setting LD_PRELOAD, Deepfactor will not be injected and a warning will be shown on Deepfactor portal UI.
Does Deepfactor work with non-containerized applications
Yes. While Deepfactor is built with a container-first approach, it also works with monolithic/non-containerized applications.
How much does it cost? #
Please visit our pricing page for details.
How do I get started?
Contact us. One of our customer success engineers will reach out to you for a free consultation to understand your tech stack and help you set up the product.