SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

Twistlock 2.3 Debuts

January 3, 2018

The latest version represents the 12th major release of Twistlock's flagship product and arms customers with a more comprehensive platform for cloud native security. 2.3 includes even more intelligent tools enhanced runtime defense based on real world research, security for serverless functions across all major cloud providers, app aware system call defense, and image layer aware vulnerability analysis. In addition, Twistlock 2.3 includes updates to the enterprise-grade cloud native app firewall providing layer 7 protection to containerized apps anywhere they run and also adds built-in compliance templates for major standards like PCI, HIPAA, GDPR, and NIST SP 800-190.

Twistlock Runtime Defense has always used machine learning generated app models to provide enterprises with automatic protection against attacks. Twistlock 2.3 takes this a step further by adding specific heuristics for attack scenarios observed in the wild to identify and prevent container specific attacks. Through the research of Twistlock Labs, presented at DockerCon Europe, Twistlock Incident Explorer now includes specific protection for scenarios including lateral movement in orchestrated environments, poisoned registries used for cryptocurrency mining, and attacks against weak defaults in popular container images.

"Twistlock 2.3 equips our customers with deeper defense, more actionable knowledge, and intelligent tools to deliver protection to their cloud native stacks, from top to bottom," said John Morello, Twistlock Chief Technology Officer. "Twistlock is the most comprehensive solution for cloud native cybersecurity and we're taking the platform to even more scenarios and environments in 2018."

Serverless Security
A few months ago, Twistlock announced the beta release of serverless security. In response to great interest from customers, 2.3 includes the built-in, fully supported version of vulnerability management for serverless functions. Twistlock uses the same precise data sources for identifying vulnerabilities in serverless functions as for container image analysis, and the entire experience is a native part of the platform. Twistlock supports AWS Lambda, Azure Functions, and Google Cloud Functions and scanning can both be performed automatically through the UI and integrated into any CI/CD process.

Enterprise grade CNAF
Twistlock's Cloud Native App Firewall enhances the traditional web application firewall for cloud native scenarios, providing layer 7 traffic inspection and protection that follows the app, regardless of the cloud, node, IP, or port it's bound to and without any complex routing required. In 2.3, Twistlock has fortified CNAF with a variety of additional protective capabilities, including anti-reconnaissance, anti-authentication grinding, and file upload filtering. These features enhance CNAF's existing capabilities, delivering strong layer 7 protection for containerized apps wherever they are.

Built-in compliance templates, covering 200+ best practices
Twistlock led the industry by releasing the first guides for PCI and HIPAA compliance in containers and leading the development of NIST SP 800-190. In 2.3, Twistlock has made compliance even simpler by delivering a built-in policy library with templates for PCI, HIPAA, NIST, and GDPR compliance. These policies are built onto Twistlock's existing compliance framework, covering over 200 best practices from CIS Benchmarks for Docker, Kubernetes, and Twistlock Labs research.

Enhanced app aware system call defense
Twistlock pioneered the automatic creation and usage of app specific system call policies to provide fine grained, least privileged capability controls to containers. In 2.3, Twistlock Labs provides a broad, curated seccomp policy library defining the minimal set of syscalls required by common containerized apps like Mongo, MySQL, Redis, Nginx, and others. During normal runtime learning, Twistlock matches the app within the container with the relevant policy, with no human interaction required. Policies are updated by Twistlock Labs and distributed via the Intelligence Stream, ensuring that customers apps are constrained by a custom tailored, minimalist set of system capabilities.

Vulnerability Explorer
In 2.3, Twistlock has expanded the intelligence and threat knowledge in Vulnerability Explorer to give customers an even more actionable understanding and prevention of the risks in their environment. For example, Vulnerability Explorer now uses attack vector, attack complexity and the existence of exploit code as additional inputs when calculating risk scores.

Per layer vulnerability analysis
In addition to the full image vulnerability details Twistlock has always provided, Twistlock 2.3 automatically correlates vulnerabilities to specific layers so customers can instantly identify which layers in an image introduce vulnerabilities and quickly involve the right teams to correct them.

Terms of Use | Copyright 2002 - 2018 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement