The protection of digital assets shouldn’t stop at the server. With the latest release of its cloud native cybersecurity platform Twistlock 19.03, Twistlock offers a solution that protects across hosts, containers and serverless in a single product, cloud native and API-enabled, covering all workloads regardless of what underlying compute technology powers them.
“While many security providers already offer products that can run in VMs, they’re often just rehashed legacy endpoint protection and are not optimized for the kind of automation and statelessness that defines cloud native,” says John Morello, chief technology officer, Twistlock. “With that in mind, we set out to create a comprehensive cloud native security platform that wouldn’t just repack legacy technologies or focus on only a single aspect of host defense. This latest release of Twistlock provides vulnerability management, compliance, runtime defense, firewalling and access control across all VMs in all clouds.”
“At its inception, Twistlock was conceived to be the first ever purpose-built solution for containers, and enterprises continue to adopt containers at a remarkable rate, so we’ll continue to heavily invest in them, but adding VMs provides comprehensive and consistent protection across all workloads — regardless of where on the continuum they’re run,” adds Ben Bernstein, chief executive officer, Twistlock.
Key functionality in Twistlock 19.03 includes:
- Cloud Native Network Firewall and Radar for Hosts: Cloud Native Network Firewall for hosts is a distributed layer 3 / 4 firewall that stresses automated learning and workload awareness to provide micro-segmentation of apps in a least privilege connectivity mesh.
- Host File Integrity Monitoring: File integrity monitoring enables monitoring of host file systems for specific changes to directories and files, a key requirement in many compliance standards.
- Host Forensics: Host forensics works in a very similar manner to container forensics, keeping a self-managed, high performance local log of forensic activity and selectively forwarding this data to Console in case of incidents.
- Custom Runtime Rule Language: Custom runtime rule language is a simple, intuitive, expression-based approach to define discrete runtime behaviors such as preventing local access to cloud provider metadata or running processes with specific parameters.
- Cloud Compliance v2: This version adds coverage for all cloud native services on Azure and Google Cloud Platform and adds checks for the CIS Benchmarks for AWS.
- Assigned Collections: Assigned Collections makes it easier to provide least privilege access to data within a Twistlock environment, such as allowing a given dev team to only see vulnerability data about their own images.
- RASP Defender: Twistlock 19.03 adds runtime defense for services that run Docker images, yet do not use Docker or OCI runtimes, like Pivotal PAS, as well as services that use a Docker runtime but in a highly constrained environment, like AWS Fargate or Microsoft Azure Container Instances. As infrastructure teams adopt these technologies, Twistlock is providing robust security capabilities for these types of deployments with RASP Defender.