1. DeepFactor
  2. Knowledge Base

Deepfactor Pre-install Checklist

Avatar
Deepfactor Support

The Four "I's": Install, Instrument, Insights, Integrations 

Deepfactor setup workflow is comprised of Four "i"s - Install, Instrument, Insights, and Integrations. Below we cover the prerequisites required to achieve these four "i"s. Please go through these ahead of your Deepfactor setup to ensure success with the product.

Install - Install the Deepfactor portal

The Deepfactor portal is the core of the Deepfactor application. It comprises a set of services that receives telemetry data generated from the runtime process of your applications and generates insights.

Deployment of the portal is currently supported in two ways:

  1. AWS - Using a downloadable AWS CloudFormation template.
    Pre-requisites: This requires an AWS account with an account permission to deploy:

    1. One EC2 instance - m5a.2xlarge (recommended)
    2. Two EBS storage devices totaling 520GB.
    3. An Elastic IP (EIP) address.
  2. VMware - Deploy locally using a downloadable OVA file.
    Pre-requisites: This requires an ESXi host or VMware cluster with:

    1. Administrator permissions
    2. 32GB RAM
    3. 8 vCPU
    4. 520GB Disk
    5. A DHCP addressable space

Once complete, review the next step: Launching the Deepfactor Portal after Installation


Instrument - Configure your application to send telemetry data

Deepfactor works with both containerized apps and traditional non-containerized apps, as long as you are running one of our supported Linux distributions mentioned in this list.

Pre-requisites:

1. Instrumentation of containers will require account access to the Docker build engine
   and possible read/write access to a repository if  image management is used. 

2. Non-containerized binary applications will require read/write access to create a new
   binary file.

You can get started by referencing this document:
Instrumenting your first application


Insights - Review the results

Deepfactor provides insights using its Application Runtime Intelligence module, across three areas:

1. Know Your App
Deepfactor assesses your app's network topology and composition, and drift between builds. This includes web services. files, network, ports, 3rd Party APIs, and libraries. 

2. Know You Security
Deepfactor pinpoints security risks within your code & 3rd party code at execution time. These include:

a. Code execution risks curated by Deepfactor's security research team.

b. AppSec policy violations.

c. OWASP risks (leveraging a one click/command headless OWASP ZAP Scans integration. Also see: ZAP Scan Q & A).

d. Runtime vulnerabilities (CVEs/CWEs/CVSS scores) in your dependencies and libraries to complement your SCA tools.

Pre-requisites: 
Use your browser to login to the DeepFactor portal and access your insights.

 

Integrations - Integrate with your DevOps pipeline & Dev tools

Complete your setup by integrating Deepfactor into your existing toolset. 

Integrating Jira with Deepfactor portal

Integrating Slack with Deepfactor portal

Pre-requisites:
You need the application administrator rights for integration.

 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.