Sold by: Deepfence Inc
Thousands of companies trust Deepfence to secure their most critical cloud workloads and applications with a unified platform. Experience rapid threat detection and remediation, while significantly reducing non-critical security alerts by 90%. Deepfence ThreatStryker is a Cloud-Native Application Protection Platform (CNAPP) that provides next generation runtime attack analysis, threat assessment, and targeted runtime protection for your cloud infrastructure and applications. Deployable as self-managed infrastructure or as SaaS.
4
Overview
A Cloud-Native Application Protection Platform (CNAPP) that provides next generation runtime attack analysis, threat assessment, and targeted runtime protection for your cloud infrastructure and applications. Deployable as self-managed or SaaS. The Deepfence ThreatStryker CNAPP provides the following capabilities:
A Holistic Look at Runtime Threats:
Experience the power of Deepfence ThreatStryker as it uncovers every active container, process, and host, delivering a dynamic, color-coded, interactive topology. With precision, ThreatStryker audits cloud workloads, detecting vulnerable elements, and scrutinizing configurations to reveal misconfigurations in file systems, processes, and networks. Elevate your compliance by leveraging ThreatStryker's assessment capabilities using industry and community-standard benchmarks.
Threat Intelligence and Anomaly Detection for Modern Environments:
Discover the prowess of ThreatStryker as it conducts in-depth analysis of network traffic, system, and application behavior, while accumulating suspicious events over time. By classifying and correlating events against known vulnerabilities and dubious behavioral patterns, ThreatStryker efficiently detects active threats with minimal false positives, ensuring optimal security for your organization.
Targeted Remediation Against Active Threats for Realtime Threat Neutralization:
Experience the power of ThreatStryker as it identifies suspicious behavioral patterns and swiftly determines the intent behind them. With precise and targeted remedial actions, ThreatStryker handles tainted workloads by deleting, freezing, or restarting them, while blocking attack traffic sources temporarily or permanently. Seamlessly integrated with SIEM and monitoring systems, it raises alerts and effectively halts attackers in their tracks, neutralizing threats and preventing lateral spread.
Highlights
- Prioritize and identify true exploitable risk within your infrastructure deployments (IaaS & PaaS) in AWS across a number of modalities - vulnerabilities, mis-configurations, exposed secrets, sensitive data, and malicious software. Cure alert fatigue without sacrificing security signals - reduce cloud security alerts by up to 90% with this risk-based approach and get a ThreatGraph of prioritized risk for your internal attack surface.
- With Deepfence, confidently stop threat actors in their tracks as you secure and scale your multi-cloud environment. Our cutting-edge security protections empower you to block traffic, quarantine hosts, remediate vulnerabilities, and address misconfigurations with ease. Stay ahead of the curve by leveraging our industry-first Cloud Native Packet Filtering, powered by eBPF + XDP. This technology effectively seals off both plain text and encrypted attack paths without relying on proxies!
- Unlike most tools in the CNAPP space that focus solely on the cloud layer, Deepfence goes the extra mile by integrating security signals from the cloud, network, and application layers of your infrastructure. By fusing these diverse layers of information, Deepfence empowers you with a holistic view of your security landscape. This comprehensive approach allows you to identify potential risks, detect anomalies, and respond to threats more effectively.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months | Overage cost |
|---|---|---|---|
Security Starter Plan 1 | An Enterprise CNAPP for up to 100 nodes. | $25,000.00 | |
Security Starter Plan 2 | An Enterprise CNAPP for up to 200 nodes. | $50,000.00 | |
Security Starter Plan 3 | An Enterprise CNAPP for up to 500 nodes. | $75,000.00 | |
Security Growth Plan 1 | An Enterprise CNAPP for up to 1000 nodes. | $100,000.00 | |
Security Growth Plan 2 | An Enterprise CNAPP for up to 2000 nodes. | $150,000.00 | |
Security Growth Plan 3 | An Enterprise CNAPP for up to 3000 nodes. | $200,000.00 | |
Enterprise Security P1 | An Enterprise CNAPP for up to 4000 nodes. | $250,000.00 | |
Enterprise Security P2 | An Enterprise CNAPP for up to 5000 nodes. | $300,000.00 | |
Enterprise Site License | An Enterprise CNAPP without Node Limits. | $500,000.00 |
Vendor refund policy
All fees are non-refundable and non-cancellable except as required by law
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Email support is offered from Monday-Sunday, 24/7/365.There is also Slack Support available. cs@deepfence.io
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Uptycs
By Orca Security CNAPP
Top
10
In Monitoring, Application Development
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Runtime Threat Detection and Analysis
Next generation runtime attack analysis with in-depth examination of network traffic, system, and application behavior to detect active threats with minimal false positives
Cloud Native Packet Filtering
Industry-first Cloud Native Packet Filtering powered by eBPF and XDP technology for blocking both plain text and encrypted attack paths without proxy dependencies
Multi-Layer Security Integration
Integration of security signals from cloud, network, and application layers to provide holistic visibility across infrastructure deployments
Risk-Based Vulnerability Assessment
Identification and prioritization of exploitable risks including vulnerabilities, misconfigurations, exposed secrets, sensitive data, and malicious software across IaaS and PaaS environments
Targeted Runtime Remediation
Automated remedial actions against active threats including deletion, freezing, or restarting of tainted workloads and blocking of attack traffic sources with SIEM and monitoring system integration
Multi-Cloud and Workload Coverage
Supports deployment across more than 40 AWS services including compute, containers, storage, databases, networking, developer tools, management and governance, analytics, security, application integration, end user computing, machine learning, and migration services. Extends coverage to public and private cloud, Kubernetes, rare Linux distros, IBM LinuxONE, Linux on Z, IBM Power, AIX, and HPC environments.
Unified Security Data Platform
Consolidates cloud security into a single console with unified policy framework and data lake. Normalizes security telemetry close to collection point and streams into detection cloud for queryable attack surface analysis without ETL requirements.
Full Lifecycle Application Protection
Provides end-to-end protection including malware and suspicious behavior detection on developer endpoints, vulnerability identification in build process, secure configuration verification, runtime monitoring, exposure scanning, full attack path analysis, anomaly and behavior-based threat detection, Infrastructure as Code misconfigurations identification, and Identity Threat Detection and Response (ITDR) capabilities.
Agentless and Agent-Based Detection
Offers instant-on agentless coverage with optional osquery-based agent utilizing eBPF technology for runtime protection, advanced remediation, and forensics. Agent designed to minimize memory, CPU, and disk I/O footprint while providing rich security telemetry including file system files, Augeas lens, DNS lookups, sudoers list, and disk encryption data.
Compliance and Security Standards Support
Supports CIS benchmarks, HIPAA, ISO 27001, NIST, PCI, and SOC 2 compliance requirements. Includes file integrity monitoring (FIM), vulnerability scanning, security hygiene assessment, cyber asset management, and 13-month historical data lookback for compliance and forensic analysis.
Agentless Cloud Security Architecture
Agentless-first approach using patented SideScanning technology that provides deep visibility into cloud environments without requiring agent deployment
Risk Prioritization and Attack Path Analysis
Granular risk scoring applied to each alert with capability to identify and correlate seemingly unrelated issues into dangerous attack paths
Unified Cloud Security Platform
Single platform consolidating multiple security functions including CSPM, CWPP, CIEM, DSPM, Container security, and API security
CI/CD Integration for Application Security
Seamless integration into CI/CD process to secure applications from code to cloud deployment
AI-Powered Investigation and Remediation
Generative AI capabilities for simplified security investigations and accelerated remediation workflows
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
-
-
-
-
-
-
-
-
-
Standard contract
No
No
Customer reviews
Ali M.
Vulnerability identification and attack monitoring
Reviewed on Aug 09, 2024
Review provided by G2
What do you like best about the product?
ThreatStryker is good at mapping my applications and identifying threats or weak points. This made it easy for me to understand my level of vulnerability, and what aspects to focus on first. The incorporation of runtime attack detection did look like the protection for active threat prevention.
What do you dislike about the product?
ThreatStryker can accurately identify threats, it does not offer an automated method to address them. It became arduous to fix each vulnerability individually since it was coupled with a massive environment. The lack of an automated patching function is a significant disadvantage for ThreatStryker.
What problems is the product solving and how is that benefiting you?
ThreatStryker does help me to a certain extent because it is a vulnerability discovery and attack detection tool. I believe that being aware of my limitations are and the ability to detect untoward movement make me secure against threats.