I'd be happy to work with your documentation team to create a guide on using Deepfence ThreatMapper to scan and identify security vulnerabilities in apps running on digital ocean (droplets and K8s).
ThreatMapper is an unencumbered open source project that hunts for vulnerabilities in cloud-native apps in production, much like how traditional shift-left tools do in development. It ranks the discovered vulnerabilities against a range of criteria to determine which pose the greatest potential risk, and therefore which should be fixed first.