Deepfence ThreatMapper

Vulnerability Scanning

Runtime threat management and attack‑path enumeration for cloud‑native environments

Track releases GitHub Website

TypeScript Latest v2.5.8 · 2mo ago Security brief →

Features

Detects vulnerable software components, exposed secrets, and configuration drift in production
Combines agent‑based inspection with agent‑less cloud scanning for comprehensive coverage
Visualizes attack paths via ThreatGraph to prioritize high‑risk issues

Security Response History

2 CVEs

CVE	Severity	Disclosed	Patched (this tool)	vs Ecosystem Median
CVE-2025-31125 KEV	medium CVSS 5.3	2025-03-31	Unpatched	Unpatched
CVE-2023-44487 KEV	medium CVSS 7.5	2023-10-10	Unpatched	Unpatched

Recent releases

View all 1 releases →

v2.5.8 New feature 2mo

Notable features

Removed License requirement for Threat Intelligence feeds

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per month

M

A

M

J

Cadence 0.1 / wk

Last release 88d

Tracked 1

Security

Full profile →

CVE composition

Open

1.0

KEV

1.0

Patched

0

Security score 3.8/10

OpenSSF —

Open CVEs 1

KEV exposure 1

SBOM SECURITY.md Active maintainer

Community

GitHub stars 5,275

Forks 635

Open issues 142

Open PRs 2

Stars/wk velocity 0.0

About

Stars

5,275

Forks

635

Languages

TypeScript Go Shell

View on GitHub Homepage Live demo Documentation

Install & Platforms

Install via

docker

Community & Support

Slack

Similar tools

grype

gebalamariusz/cloud-audit

Deepfence SecretScanner

About

Stars

5,275

Forks

635

Languages

TypeScript Go Shell

View on GitHub Homepage Live demo Documentation

Install & Platforms

Install via

docker

Community & Support

Slack

Similar tools

grype

gebalamariusz/cloud-audit

Deepfence SecretScanner

Beta — feedback welcome: [email protected]