Cloud native app firewall Twistlock 2.1 launches
Monday, July 17, 2017
Christian Hargrave |
Cloud container security solution, Twistlock, announces availability of it's 2.1 update a Cloud native app firewall.
Twistlock, a provider of cloud container security solutions, has announced the availability of Twistlock 2.1. The latest release of their flagship product includes a first of its kind cloud native app firewall, vulnerability risk ranking that uses knowledge of an enterprise’s unique environment to prioritize what to fix first, a brand new dashboard and integrated secrets management based on their latest work in the Docker open source project.
“Twistlock 2.1 uses our deep knowledge of container threats to give organizations all the tools needed to prevent problems before they occur,” said John Morello, chief technology officer at Twistlock. “As the industry’s most comprehensive, automated and scalable container security solution, Twistlock dynamically simplifies the flow of app traffic to prevent attacks on organizations, making it an obvious choice to secure their containers against the next generation of threats.”
- Cloud native app firewall: In 2.1, Twistlock introduces a Cloud Native App Firewall (CNAF) that combines their knowledge, placement and visibility, and automatically protects customers’ apps at scale, with far less manual interaction and in a completely ‘software defined’ manner. Critically, this all happens without having to change anything in an organization’s images, containers, or infrastructure. The platform can dynamically learn where to apply these filters, transparently filter application traffic against common attack patterns like SQL injection and cross site scripting, transparently block requests from malicious endpoints, and ensure that only safe traffic reaches an organization’s app, all without having to configure external devices or ever enter an IP address.
- Twistlock collections: For organizations that have different teams working on many different apps sharing the same environments, collections enable the company to centrally create and manage pre-defined filters in rules and views across the product. Collections provide multi-tenancy and can be created for any arbitrary structures a company would like, such as by project, organizational hierarchy, geography or some combination thereof.
- Compliance alerting and enforcement in Jenkins: The platform supports the ability to alert on and enforce vulnerability thresholds during the CI process via the native Jenkins plugin. In 2.1, this CI integration is expanding to cover image compliance. A company can now use Twistlock to check, alert on, and fail builds based on compliance posture. This capability is all about the ‘shift left’ concept, helping organizations move both security and compliance further upstream in the development process.
- Secrets manager: The new Secrets Manager in 2.1 allows customers to integrate their secret management platforms, such as HashiCorp or CyberArk, and securely distribute secrets from those stores into specified containers. Their secrets manager is built on the latest work Twistlock is contributing to the open source Docker project, enabling pluggable secrets stored directly in Docker Swarm.
- Vulnerability Explorer: Twistlock has always looked at vulnerability management broadly and focused on giving enterprises the tools to prevent problems before they occur. 2.1 takes this a step further by giving customers an actionable, stack-ranked view of the most critical risks in the environment, based on the organization’s unique deployments.
- Vulnerability push alerts: Enhanced capabilities in 2.1 allow organizations to create configurable alerts, and automated processes for development teams to get push notifications about new vulnerabilities discovered in the apps they maintain.
Read more: https://www.twistlock.com
“Twistlock 2.1 uses our deep knowledge of container threats to give organizations all the tools needed to prevent problems before they occur,” said John Morello, chief technology officer at Twistlock. “As the industry’s most comprehensive, automated and scalable container security solution, Twistlock dynamically simplifies the flow of app traffic to prevent attacks on organizations, making it an obvious choice to secure their containers against the next generation of threats.”
Key features:
- Cloud native app firewall: In 2.1, Twistlock introduces a Cloud Native App Firewall (CNAF) that combines their knowledge, placement and visibility, and automatically protects customers’ apps at scale, with far less manual interaction and in a completely ‘software defined’ manner. Critically, this all happens without having to change anything in an organization’s images, containers, or infrastructure. The platform can dynamically learn where to apply these filters, transparently filter application traffic against common attack patterns like SQL injection and cross site scripting, transparently block requests from malicious endpoints, and ensure that only safe traffic reaches an organization’s app, all without having to configure external devices or ever enter an IP address.
- Twistlock collections: For organizations that have different teams working on many different apps sharing the same environments, collections enable the company to centrally create and manage pre-defined filters in rules and views across the product. Collections provide multi-tenancy and can be created for any arbitrary structures a company would like, such as by project, organizational hierarchy, geography or some combination thereof.
- Compliance alerting and enforcement in Jenkins: The platform supports the ability to alert on and enforce vulnerability thresholds during the CI process via the native Jenkins plugin. In 2.1, this CI integration is expanding to cover image compliance. A company can now use Twistlock to check, alert on, and fail builds based on compliance posture. This capability is all about the ‘shift left’ concept, helping organizations move both security and compliance further upstream in the development process.
- Secrets manager: The new Secrets Manager in 2.1 allows customers to integrate their secret management platforms, such as HashiCorp or CyberArk, and securely distribute secrets from those stores into specified containers. Their secrets manager is built on the latest work Twistlock is contributing to the open source Docker project, enabling pluggable secrets stored directly in Docker Swarm.
- Vulnerability Explorer: Twistlock has always looked at vulnerability management broadly and focused on giving enterprises the tools to prevent problems before they occur. 2.1 takes this a step further by giving customers an actionable, stack-ranked view of the most critical risks in the environment, based on the organization’s unique deployments.
- Vulnerability push alerts: Enhanced capabilities in 2.1 allow organizations to create configurable alerts, and automated processes for development teams to get push notifications about new vulnerabilities discovered in the apps they maintain.
Read more: https://www.twistlock.com
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more
Subscribe here