
ThreatMapper
Vulnerability scanner software
DevSecOps software
What is ThreatMapper
ThreatMapper is a vulnerability scanning and security visibility tool used to identify risks across container images, running containers, hosts, and Kubernetes environments. It targets DevSecOps and security teams that need continuous discovery and assessment of assets in cloud-native deployments. The product emphasizes agent-based discovery and mapping of runtime assets alongside vulnerability findings, with deployment options that fit CI/CD and cluster operations.
Cloud-native workload coverage
ThreatMapper focuses on container images, running containers, hosts, and Kubernetes-related assets, aligning with common cloud-native security use cases. This makes it suitable for teams that need vulnerability visibility beyond traditional host-only scanning. It supports scenarios where workloads are ephemeral and inventory changes frequently.
Runtime asset discovery and mapping
In addition to scanning, ThreatMapper emphasizes discovery of what is actually running and how assets relate, which can help teams prioritize remediation. This is useful in environments where registries and IaC definitions do not fully reflect runtime reality. The mapping approach can support triage by connecting findings to active workloads.
DevSecOps-oriented deployment model
ThreatMapper is commonly used in operational pipelines and cluster environments where security checks need to run continuously. Its design aligns with DevSecOps workflows that require repeatable scans and integration into engineering processes. This can reduce reliance on periodic, manual assessments.
Depth varies by use case
Organizations looking for a single platform spanning vulnerability management, posture management, and advanced threat detection may find ThreatMapper narrower in scope. Some adjacent capabilities (for example, broader cloud posture controls) may require additional tools. Fit depends on whether the primary need is scanning and runtime visibility versus a consolidated security suite.
Operational overhead in clusters
Agent-based discovery and runtime visibility can introduce deployment and maintenance work, especially across multiple clusters and environments. Teams may need to manage permissions, upgrades, and resource usage to keep coverage consistent. This overhead can be more noticeable in highly regulated or locked-down Kubernetes environments.
Ecosystem integrations may be limited
Compared with more established DevSecOps platforms, integration breadth (ticketing, CI providers, policy engines, and reporting workflows) may not match every enterprise standard out of the box. Some organizations may need custom integration work to align findings with existing remediation processes. This can affect time-to-value for teams with complex toolchains.
Plan & Pricing
Pricing model: Open-source / self-hosted (ThreatMapper)
Details:
- ThreatMapper (open-source): 100% open source — available on GitHub and distributable/self-hosted with no published charge.
Commercial / Enterprise offering (vendor):
- ThreatStryker (Deepfence enterprise CNAPP that extends ThreatMapper): No public pricing published on the vendor site — contact Deepfence for enterprise licensing and quotes.
- Free trial for enterprise offering: ThreatStryker — 14-day free trial (as stated on Deepfence site).
Notes:
- No tiered prices, per-seat, or usage-based costs for ThreatMapper are published on official Deepfence or ThreatMapper sites. The vendor directs prospective customers to contact sales or book a demo for enterprise pricing.
Seller details
Deepfence Inc.
San Jose, California, United States
2020
Private
https://www.deepfence.io/
https://x.com/deepfence
https://www.linkedin.com/company/deepfence