Whitepaper: Introducing SCA 2.0: Prioritize Risk, Reduce False Positives, and Eliminate SCA Alert Fatigue
Download Today! >Share:
Deepfactor 3.8 Release Overview
As with every release, we continue to enhance our offering in terms of coverage, vulnerability prioritization, and enterprise features. In this new release, the Deepfactor Application Security Platform now offers customers:
| Features | Enhancements | |
| Core Platform | · SSO integration with SAML and OIDC protocols for on-prem installations
· SCIM support for user provisioning |
· Performance improvements in applications that spawn several processes |
| SBOM, SCA & Container Scans | · Global SCA dashboard which highlights the important insights to focus on across all artifacts
· Global list of resources with extensive filtering options to prioritize based on risk. · Base image detection |
Deepfactor Release 3.8 Details
- SSO integration: Deepfactor now allows on-prem portal users to integrate Deepfactor with their SSO provider to ensure that access to the platform is centrally controlled from the SSO provider. We support both SAML and OIDC to ensure we integrate with most SSO providers. You can read more about SSO integration here.
- SCIM (System for Cross-Domain Identity Management): Along with SSO integration, Deepfactor also supports SCIM for user provisioning, providing greater flexibility and ease of use for admins as they can control user access to Deepfactor directly from their SSO provider. You can read more about SCIM provisioning here.
- Global SCA dashboard: Deepfactor now provides a global SCA dashboard which highlights key SCA insights from all of the scanned artifacts. This is a great place for AppSec engineers to understand where they need to focus and which developer teams they need to work with to reduce the organizational security risk.
- Global resource dashboard: Deepfactor provides the global list of resources with extensive filtering capability, with filtering parameters from the left/scan (vulnerable, CVSS score, exploit availability, EPSS, CISA KEV, Fix available, CVSS base metrics, etc.) and from the right/runtime observation (runtime reachable, K8s cluster. etc.).
- Base image detection: Deepfactor now shows base images used across your container images that have been scanned. This helps AppSec teams understand the risk associated with the base image and the extent of usage within application container images. AppSec teams can then make informed decisions to move to slimmer base images that have lesser risk/attack surface area.
For additional details on release 3.8, for both on-prem and SaaS, please review the Release Notes in Deepfactor Docs.