New open source cloud discovery tool arrives from Twistlock
|Christian Hargrave in Cloud Services Thursday, November 15, 2018|
A new way for audit and security practitioners to discover all 'unknown unknowns' across cloud environments has been introduced by Twistlock.
Twistlock has released a new open source Cloud Discovery tool. Cloud Discovery gives enterprise infrastructure, operations, and security teams the ability to easily understand and quantify the size of their environment, and get a birds' eye view of what cloud native services are running and where. The first release supports Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP), with more platforms to be announced.
Cloud Discovery connects to cloud providers' native platform APIs to discover services such as container registries, managed Kubernetes platforms, and serverless services, and requires only read permissions. Other key features include:
- Network discovery to discover cloud native infrastructure and applications, such as Docker Registries and Kubernetes API servers
- Instantly identify weak settings and authentication
- Easily integrated into DevSecOps processes
- Provided as a simple Docker container image that can be run anywhere and requires only read permissions to cloud accounts
- Works well for both interactive use and automation
- Outputs data into standard JSON for easy integration with other tools
- Written in Go
"In many organizations, IT ops, security, and audit personnel need to discover all the cloud native entities being used at their organizations," said John Morello, Chief Technology Officer, Twistlock. "This is often a result of development teams starting up resources and deploying cloud native applications, but the security or operations team may not always know exactly where they're deploying them. We want to make that easy without creating any new security gaps."
"Since our founding, we've been committed to enhancing security efforts for the cloud native community through upstream contributions to open source projects," said Ben Bernstein, Chief Executive Officer, Twistlock. "From creating the authorization framework within Docker and Openshift and secrets management for Docker Swarm, to the release of Cloud Discovery -- open source is in our DNA. We hope Cloud Discovery helps the community and look forward to adding new features and components that benefit everyone."
Are you paying more taxes than you have to as a developer or freelancer? The IRS is certainly not going to tell you about a deduction you failed to take, and your accountant is not likely to take the time to ask you about every deduction you’re entitled to. As former IRS Commissioner Mark Everson admitted, “If you don’t claim it, you don’t get it.
Get hands-on experience in performing simple to complex mobile forensics techniques Retrieve and analyze data stored not only on mobile devices but also through the cloud and other connected mediums A practical guide to leveraging the power of mobile forensics on popular mobile platforms with lots of tips, tricks, and caveats.
Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.