Deepfactor Release 3.4 Overview

With release 3.4, Deepfactor now offers exciting new runtime reachability and runtime security enhancements:

• Increased language support for runtime reachability and runtime security
• Ability to visualize vulnerability trends across releases and track security posture over time (see below)

• Rich remediation guidance with risk vs. effort mapping, direct vs. transitive dependencies, container base image vs. layer information, and more (see below)

For additional details on release 3.4, for both on-prem and SaaS versions, please review the Release Notes in Deepfactor Docs.

Release 3.4 Highlights:

	Enhancements
SBOM and SCA for OSS Dependencies and Container Scans	Ability to tag scans to a particular release. Identify vulnerability trends across builds in a particular release and also across releases. Ability to tag dependencies detected during filesystem scans as transitive and identifying the root dependency for Java. Detection of Node.js and PHP dev dependencies for filesystem scans. Global search for artifacts based on multiple criteria such as resource, vulnerability, and OS distribution. Recommendations pane that highlights the actions needed to fix direct, transitive, and base image layer vulnerabilities.
Runtime SCA	Runtime reachability of PHP, Ruby, Kotlin, and Scala dependencies. Users can now use the reachability results to prioritize vulnerabilities in these dependencies.
Runtime Security	Support for observing Go applications.

The post Deepfactor 3.4 Includes Enhanced Runtime Reachability and Runtime Security Capabilities appeared first on Deepfactor.

*** This is a Security Bloggers Network syndicated blog from Deepfactor authored by Deepfactor. Read the original post at: https://www.deepfactor.io/deepfactor-3-4-includes-enhanced-runtime-reachability-and-runtime-security-capabilities/