Cloud native app firewall Twistlock 2.1 launches
|Christian Hargrave in Security Monday, July 17, 2017|
Cloud container security solution, Twistlock, announces availability of it's 2.1 update a Cloud native app firewall.
“Twistlock 2.1 uses our deep knowledge of container threats to give organizations all the tools needed to prevent problems before they occur,” said John Morello, chief technology officer at Twistlock. “As the industry’s most comprehensive, automated and scalable container security solution, Twistlock dynamically simplifies the flow of app traffic to prevent attacks on organizations, making it an obvious choice to secure their containers against the next generation of threats.”
- Cloud native app firewall: In 2.1, Twistlock introduces a Cloud Native App Firewall (CNAF) that combines their knowledge, placement and visibility, and automatically protects customers’ apps at scale, with far less manual interaction and in a completely ‘software defined’ manner. Critically, this all happens without having to change anything in an organization’s images, containers, or infrastructure. The platform can dynamically learn where to apply these filters, transparently filter application traffic against common attack patterns like SQL injection and cross site scripting, transparently block requests from malicious endpoints, and ensure that only safe traffic reaches an organization’s app, all without having to configure external devices or ever enter an IP address.
- Twistlock collections: For organizations that have different teams working on many different apps sharing the same environments, collections enable the company to centrally create and manage pre-defined filters in rules and views across the product. Collections provide multi-tenancy and can be created for any arbitrary structures a company would like, such as by project, organizational hierarchy, geography or some combination thereof.
- Compliance alerting and enforcement in Jenkins: The platform supports the ability to alert on and enforce vulnerability thresholds during the CI process via the native Jenkins plugin. In 2.1, this CI integration is expanding to cover image compliance. A company can now use Twistlock to check, alert on, and fail builds based on compliance posture. This capability is all about the ‘shift left’ concept, helping organizations move both security and compliance further upstream in the development process.
- Secrets manager: The new Secrets Manager in 2.1 allows customers to integrate their secret management platforms, such as HashiCorp or CyberArk, and securely distribute secrets from those stores into specified containers. Their secrets manager is built on the latest work Twistlock is contributing to the open source Docker project, enabling pluggable secrets stored directly in Docker Swarm.
- Vulnerability Explorer: Twistlock has always looked at vulnerability management broadly and focused on giving enterprises the tools to prevent problems before they occur. 2.1 takes this a step further by giving customers an actionable, stack-ranked view of the most critical risks in the environment, based on the organization’s unique deployments.
- Vulnerability push alerts: Enhanced capabilities in 2.1 allow organizations to create configurable alerts, and automated processes for development teams to get push notifications about new vulnerabilities discovered in the apps they maintain.
Read more: https://www.twistlock.com
The necessary steps to secure your environment for all of the components that are involved in a z Systems cloud infrastructure that uses IBM z/VM and Linux on z Systems.
Learn the best ways to organize your app development projects, and keep code straight, clients happy, and breathe a easier through launches.
Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.
How to create a profitable, sustainable business developing and marketing mobile apps.