Deepfence, a security observability and protection company, today announced the 1.4 release of ThreatMapper, its open-source cloud-native offering that expands attack path visualization, adds enterprise-grade cloud security posture management, and includes a cloud-native YARA-based malware scanner.

ThreatMapper offers users the ability to scan, map, and rank vulnerabilities in running pods, images, hosts, and repositories. The 1.4 release provides users with a more comprehensive approach to threat mapping as well as the ability to contextualize and correlate scan results in an intuitive graph. 

Among the new features included in this release is ThreatGraph, a feature that utilizes runtime context like network flows to prioritize threat scan results and enables organizations to narrow down attack path alerts. 

“Security is a collective good and a basic right, and we are proud to offer an open platform that addresses the most pressing day one needs of cloud security teams,” said Sandeep Lahane, co-founder and CEO of Deepfence. “ThreatMapper 1.4 is a giant leap forward for the security community, providing the most comprehensive security features and capabilities that security teams need, free of any cost or limitations. With version 1.4 we’ve strengthened ThreatMapper’s capabilities to the point that we’re not aware of any other product – open source or commercial – that can match it.”

Additionally, ThreatMapper 1.4 brings users agentless cloud security posture management of cloud assets mapped to various compliance controls such as CIS, HIPAA, GDPR, and SOC 2, and others.

Open-source ThreatMapper 1.4 is now available on GitHub. For more information, see the release blog.