PORTLAND, Ore., Dec. 10, 2018 /PRNewswire/ -- Twistlock, the leader in container and cloud native security, today announced the release of Twistlock 18.11. This substantial update now enables customers to easily discover cloud native services to protect against threats across hybrid environments and understand how potential vulnerabilities connect to one another. It also introduces security visualization for Kubernetes, industry-first compliance and security configuration checks for Istio, and includes new alerting integrations with PagerDuty, Amazon Web Services (AWS) Security Hub, and IBM Security Advisor.
"While the adoption of Kubernetes and cloud native technologies for production workloads has increased exponentially, security and compliance remain key hurdles to mass production deployments," said Fernando Montenegro, Security Analyst for 451 Research. "Twistlock has shown momentum with the cloud providers, ISVs, and open source tools driving the cloud native movement. We believe that this coming year we'll see more emphasis on security for containers and cloud native applications than ever before."
Discover and Protect Services Across Hybrid Cloud Environments
Twistlock 18.11 introduces Cloud Platform Compliance, which allows customers to centrally discover all cloud native services in use across AWS, Microsoft Azure, and Google Cloud Platform (GCP), across all accounts, and in every region. Cloud Platform Compliance continuously monitors these accounts to detect when rogue services are added, and alerts end users to avoid risks introduced by rogue deployments, abandoned environments, and environments not being protected by Twistlock.
Compliance and Security Configuration Checks for Istio Service Mesh
Istio provides load balancing, fine-grained traffic routing, mutual TLS, and service-centric RBAC, but lacks a simple way to visualize and understand interconnectivity between services. Twistlock now integrates with Istio to enrich the Radar dashboard with details about protocols and service roles used with the Istio service mesh, and introduces an industry-first set of compliance and secure configuration checks for Istio. This adds to Twistlock's 300 individual compliance checks for Docker, Kubernetes, and Linux, and enables customers to enforce a secure Istio configuration and cover key risks like misconfigured TLS settings and universally scoped service roles.
Kubernetes Service Account Monitoring and Visualization
Twistlock now includes a first-of-its-kind discovery and monitoring tool for Kubernetes service accounts. Integrated into the Radar dashboard, every service account associated with every resource in a cluster can be viewed, so that security staff can easily understand role configuration, assess the level of access provided to each service account, and mitigate risks associated with overly broad permissions. For each account, Twistlock shows detailed metadata describing the resources it has access to and the level of access it has to each of them.
Additional improvements in Twistlock 18.11 include:
- New Monitoring and Alert Providers: Customers can build high-level, dashboard-like stats based on Twistlock data using Prometheus for monitoring. New alert providers include PagerDuty, generic webhooks, AWS Security Hub, IBM Security Advisor, and logging to stdout.
- Expanded Support for Pivotal: Pivotal customers can now protect applications against threats with the Pivotal Application Service on Pivotal Cloud Foundry (PCF) via a single click from a tile in the Pivotal Network.
- Dashboard UX Improvements: Twistlock's automatically generated Radar view is now the main interface for the product. This central view provides at-a-glance insight into the application topology, risk and compliance status of customers' entire cloud native environments.
- Enhancements to CaaS and Serverless Defenders: AWS Fargate Defender v2 is the first WAF for Fargate with CNAF support and common data stream alerts. Serverless Defender v2 now blocks outgoing connections. Both now integrate with Incident Explorer.
- Improved Credential Manager: A central, product-wide credential manager makes it easy to securely store and reuse accounts and keys for external services.
"Since we shipped the first version of Twistlock in 2015 we've worked on 11,100 issues, pushed 5800 commits, built Twistlock more than 900 times, and shipped over 300 customer requested features to a couple hundred customers," said Ben Bernstein, Chief Executive Officer for Twistlock. "We're excited to deliver the most complete, granular, and easy-to-use security solution yet, and are encouraged by the momentum and interest we're seeing among major Cloud Service Providers and leading ecosystem partners."
For more information, or to see Twistlock 18.11 in action, visit Twistlock.com.
Trusted by 25% of the Fortune 100, Twistlock is the most complete, automated and scalable cloud native cybersecurity platform. From precise, actionable vulnerability management to automatically deployed runtime protection and firewalls, Twistlock protects applications across the development lifecycle and into production. Purpose-built for containers, serverless, and other leading technologies, Twistlock gives developers the speed they want, and CISOs the control they need. For more information, please visit www.twistlock.com.