Using Deepfence ThreatMapper
Deepfence ThreatMapper supports a range of security-related use cases:
📄️ Scanning Production Workloads
Once the ThreatMapper Management Console has been deployed and Sensor Agents have been deployed to your production platforms, the Management Console will begin to discover the workloads and infrastructure in your production platforms.
📄️ Generating SBOMs
As part of the vulnerability scanning process, the ThreatMapper sensor interrogates the running workloads and hosts and generates a runtime SBOM (Software Bill of Materials) for each target. This runtime SBOM is forwarded to the Management Console for vulnerability matching.
📄️ Compliance Posture Scanning
Once the ThreatMapper management console has been deployed, and you have configured one or more targets for compliance posture scanning, you can then scan those targets against various compliance benchmarks.
📄️ Scanning Registries
You can scan for vulnerabilities in images stored in AWS ECR, Azure Container Registry, Google Cloud Container Registry, Docker Hub, Docker Self-Hosted Private Registry, Quay, Harbor, Gitlab and JFrog from the registry scanning dashboard.
📄️ Scanning in CI
You can use ThreatMapper to scan artifacts in a CI (Continuous Integration) pipeline. If a vulnerability is detected and the CI build is blocked, ThreatMapper will submit the details to the configured notification services.
📄️ Support and Diagnostics