Twistlock Releases New Security Platform for Container Environments
Thursday, May 12, 2016
Twistlock has announced the release of Twistlock Runtime, a set of automated capabilities that defend against active threats targeting container environments.
The platform is designed specifically to detect and stop sophisticated runtime attacks – including APTs and zero-day exploits – against containerized applications. Twistlock Runtime is a component within the Container Security Suite which was launched in November.
Twistlock Runtime utilizes a declarative security model to build runtime protection. It performs static and dynamic analysis of container images and derives a set of declarative “DNA” profiles for the containers. The profiles offer both container-specific and global smart rules to protect the production environment from active threats.
One example of a declarative profile is a set of whitelisted processes that should run inside a particular container, which Twistlock Runtime can build automatically from image analysis and use that to enforce the correct runtime behavior for protected environments.
With Twistlock Runtime, system administrators, security and operations teams can declaratively stipulate security policies applied to hosts, container engines, containers and applications. Twistlock Runtime offers the following runtime defense features and benefits:
- Container DNA profiles: A feature that automatically builds runtime "DNA" profiles for each container based on static and dynamic analysis of the container image, and serves as the baseline for runtime anomaly and threat detection.
- Automated smart rules: The smart rules are derived from the profiles directly to enforce policies and desired behavior in runtime. They also respond to changing threats and environments, leading to adaptive and targeted protection.
- Enhanced commercial and proprietary threat intelligence: This includes leading commercial threat feeds as well as Twistlock’s own threat research and is added on top of open source threat and vulnerability feeds that already power Twistlock’s products.
- Dev-to-production security mechanism: The industry’s first known approach – which takes static analysis knowledge of container images and from that, directly derives runtime protection rules, as opposed to traditional security measures that involve disparate code analysis and runtime protection.
- Low management overhead: Twistlock Runtime doesn’t require admins or Ops teams to manually administer defense mechanisms, tune policies, or play catch-up to the latest threats.
More rewarded mobile ads = higher user engagement Thursday, April 19, 2018
IT Revolution announces DevOps Enterprise Summit Las Vegas 2018 Thursday, April 19, 2018
Reshape the World Challenge launches to help the self-employed Wednesday, April 18, 2018
USC Games announces first student games expo Wednesday, April 18, 2018
Move data between the cloud and edge with Couchbase Mobile 2.0 Wednesday, April 18, 2018
Stay UpdatedSign up for our newsletter for the headlines delivered to you