Next-gen application security observability platform providing runtime analysis, SCA, and SBOM generation for cloud-native applications.
Cisco is a worldwide technology leader that powers an inclusive future for all. Having acquired DeepFactor in August 2024, Cisco now encompasses the capabilities of DeepFactor as part of its brand. Cisco provides a range of products, services, solutions, and innovations that drive technological advancements globally.
Our take on Deepfactor
Deepfactor is a well-established player in the application security testing space, headquartered in San Jose, CA. Founded in 2018, the company has built a small but capable team of specialists that serves a diverse range of clients across multiple industries including financial services, healthcare, technology, and government sectors.
Their core service offerings span Runtime Security, SCA, SBOM, Container Security, among other specialized capabilities. Deepfactor has positioned itself as a reliable partner for organizations seeking to identify and remediate vulnerabilities in their cloud-native software applications before they can be exploited by malicious actors. The company's approach emphasizes observability-driven security that monitors applications in real-time.
One of the notable strengths of Deepfactor is its innovative approach to runtime application security observability. Rather than relying solely on static analysis, the platform observes applications during runtime to identify actual security risks, reducing false positives and surfacing truly exploitable vulnerabilities. Their security professionals bring deep technical expertise in container and cloud-native security.
From a service delivery standpoint, Deepfactor demonstrates professionalism in product delivery and customer support, with clear documentation and integration guides. Their solutions are designed to integrate into modern CI/CD workflows, supporting organizations in their shift-left security initiatives and DevSecOps transformations with minimal performance overhead.
For organizations evaluating application security testing providers with a focus on cloud-native and containerized environments, Deepfactor represents an innovative option worth considering. Their combination of runtime observability, software composition analysis, and SBOM capabilities makes them especially relevant for development teams working with microservices architectures and Kubernetes-based deployments.
Verified credentials and recognition earned by Deepfactor
Verified
This agency has a verified website presence.
LinkedIn Verified
This agency has a verified LinkedIn company page.
5+ Years
Established in 2018. Over 5 years of experience.
Small Team
Small (11-50)
Rankings earned on AgencyCluster
Common questions about Deepfactor.
Deepfactor has earned rankings on 2 AgencyCluster lists: Top 25 Application Security Testing in California, Top 50 Application Security Testing. Their highest AgencyCluster Score is 40/100. Rankings are merit-based and determined by evidence across six evaluation pillars — agencies cannot pay for higher positions.
Yes. Deepfactor has been vetted and verified by AgencyCluster's editorial team through a rigorous, multi-factor review process. Unlike self-serve directories, AgencyCluster does not accept automated submissions — every agency is evaluated manually before being published. Our vetting covers identity verification (website, LinkedIn, domain age), business legitimacy (years of operation, team size, registered presence), evidence of work (case studies, portfolio, client outcomes), reputation checks across third-party platforms, activeness and freshness of their online presence, and screening for red flags including misconduct, fraud, or misleading claims. Agencies that fail any critical check are not listed. For Deepfactor, verified signals include a functioning website, LinkedIn company profile, 8+ years of operating history (founded 2018), 2 earned rankings on curated top lists.
