The rise of cloud computing has created huge opportunities for businesses … and for cyber criminals. As the cloud evolves, the attack surface fluctuates.

New sources are turned on and off, code is deployed continuously, and keeping up with scanning for threats is impossible. No current security tool exists that can deliver visibility across this complex cloud environment, according to Sandeep Lahane (pictured, left), founder and chief executive officer of Deepfence Inc.

“It’s not one data center where everything would look and feel and smell similar,” he said. “It’s containers and Kubernetes and serverless, and all of that stuff is hackable. “The stuff starts getting out of control when you have so many different modalities running side by side. So much moving attack surface that’s ever-evolving. You never know that you’ve scanned enough because you never have.”

Lahane and Shyam Krishnaswamy (pictured, right), co-founder and chief technology officer of Deepfence, spoke with John Furrier and David Nicholson, co-hosts of theCUBE, SiliconANGLE Media’s livestreaming studio, during KubeCon + CloudNativeCon NA. They discussed Deepfence’s announcement that ThreatMapper is now 100% open-source and available on Github. (* Disclosure below.)

Security deployed as a microservice

ThreatMapper is an open-source security tool developed to protect cloud environments by automatically scanning, mapping and ranking application vulnerabilities. The thought process that led to the creation of the tool was security as a microservice because “everything is becoming a microservice,” Lahane said.

“Security is all bottom-up,” Krishnaswamy added. “No, it has to start top-down. So, your applications are microservices; your security should also be a microservice.”

Lahane describes ThreatMapper as “an X-ray or MRI scan of the cloud.” The tool monitors applications across time and space in cloud, container and serverless environments and maps the presence of threats on the attack surface. Picking up where shift-left tactics leave off, ThreatMapper plugs the “gap in the middle” of the CI/CD pipeline, providing a comprehensive overview of potential threats and weaknesses. Deepfence’s ThreatStryker takes the functionality further by not only mapping, but observing anomalies and neutralizing threats through targeted quarantine.

The uniqueness of ThreatMapper and ThreatStryker is that they make security defense as easy to deploy as a microservice, according to Lahane.

“You go to scale, it’s deployed, operated just like you do your microservices. So no code changes, no other toolchain changes. It just is yet another microservice that’s going to look after you,” he said.

Security is a community effort for the common good

Today’s security solutions have to handle the insecurity of dispersed environments alongside increased cyberattacks and more sophisticated attackers.

“Hacks aren’t being conducted the way they were five years ago,” Lahane stated. “They’re being outsourced. There are sophisticated teams for building exploits. There is a whole industry out there.”

Facing down this threat requires a community effort, which is why open source is the ideal basis for creating a comprehensive solution. ThreatMapper is based on information that was already within the open-source community, according to Lahane.

“It’s a tribal knowledge. It’s their informal feeds, informal GitHub tickets, and a lot of these things,” he said.

Deepfence has consolidated this wisdom within the ThreatMapper platform and made it available for free.

“Security is [for the] collective good,” Lahane said. “If you’re doing open-source, community-based programs like though this, it is for the collective good.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of KubeCon + CloudNativeCon NA. (* Disclosure: This is an unsponsored editorial segment. However, theCUBE is a paid media partner for KubeCon + CloudNativeCon NA 2021. Red Hat, the Cloud Native Computing Foundation and other sponsors of theCUBE’s event coverage have no editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE