SAN FRANCISCO, July 22, 2015 /PRNewswire/ -- Twistlock, the leading provider of cloud container security, today announced the release of a comprehensive image analysis component as part of the Twistlock suite. The component detects the existence of CVE (Common Vulnerabilities and Exposures) in Docker images. The component supports the analysis of native Linux binaries, including executables and linked libraries, Java Archives (JARs), Python packages, and Ruby gems within the Docker image. Twistlock's image analysis goes above-and-beyond competing offerings, with advantages including:
- Customers' ability to scan Docker images that are in use by their organization on-the-fly as part of the Twistlock suite's automatic protection capability.
- The ability to scan libraries and packages that are actually in use. Thus, reducing the false positives rate and allowing customers to prioritize security risk.
- Support of packages beyond native Linux binaries, such as JARs, Python packages, and Ruby gems.
- Support for on premises Docker registry scanning.
- Integration with CVE feeds from major vendor, government, and open source providers, helping customers easily integrate the latest threat intelligence into their Twistlock rules.
"We are especially excited about the integration of comprehensive image analysis within our product offering," said Ben Bernstein, CEO. "Twistlock's ability to integrate this capability into our container security suite helps our customers keep their containers secure as threats continue to evolve and increase and we're proud to be the first company to bring this capability to market."
Twistlock was founded by Ben Bernstein and Dima Stopel, who bring extensive enterprise security expertise in both the defense and private sector; both spent more than 10 years in the Microsoft R&D center in Israel and served in the Israel Defense Force's (IDF) intelligence corps. During their tenure they saw firsthand how new technologies can introduce gaps to an enterprise's security stance; with the rapid rise of containers, they recognized an opportunity to help enterprises get ahead of the risks and developed the Twistlock security suite to support their secure adoption. Twistlock is working with the virtual container leader, Docker, and the broader ecosystem, including major operating system providers (e.g. Microsoft, Redhat), virtual data center providers (e.g. VMware, Microsoft), and cloud service providers (e.g. Google, Amazon Web Services, Microsoft Azure, and Rackspace), to improve the overall security of containers through the efforts of the open source community.
JoAnn Yamani, Esq., APR