With Twistlock Container Security Suite, businesses can apply security controls and defenses to containers without involving developers
Container security startup Twistlock announced general availability of its Container Security Suite
on Tuesday. It features integration with Google Cloud Platform that
provides container image scanning, access control functions, and the
ability to enforce runtime security policies.
Container Security Suite, in beta since last May, adds multiple layers
of monitoring to containers, such as the ability to scan applications in
containers to detect vulnerabilities, and to apply access control logic
and policies to the containers. This lets businesses apply security controls and defenses without getting in the way of how developers work with containers, said Chenxi Wang, chief strategy officer of Twistlock.
Twistlock's Container Security Suite scans the applications both in
image registries and at runtime to detect vulnerabilities present in the
Linux distribution, application frameworks, and custom-developed
application code. It also has activity monitoring and smart profiling
capabilities to detect misconfigurations and malicious activities and to
take appropriate action, such as blocking the containers from launching
and killing misbehaving containers dynamically. The suite can also
apply enterprise access control policies to the container environment.
In a typical scenario, organizations initially use Twistlock's tools to
scan and monitor new container deployments, Wang said. Afterward, they
shift toward policy compliance monitoring and keeping track of what
existing containers are doing.
Twistlock's integration with Google Cloud Platform adds the
above-mentioned security controls to containers stored in Google
Container Engine and Google Container Registry. The Twistlock Console
acts as both a policy configuration portal and a central dashboard to
configure image scan policies, specify runtime controls, and view the
real-time security posture of the containers. Twistlock Defender runs on
the same node as the containers and applies configuration policies as
needed; it also monitors container health and reports the information
back to the Console.
The Registry Scanner, a special type of Defender, helps users detect if
any components in the software stack have known CVEs or violate
configuration policies. If any anomalies are detected in a running
Container Engine cluster, Twistlock takes automated corrective actions,
such as raising an alert, blocking user access, or disconnecting the
container from the network.
For example, if a policy states containers should not have inbound SSH
access, Twistlock can scan container images in the registry to ensure
none of them include SSH. Twistlock can also monitor traffic while the
containers are running to detect if any of them are opening SSH
connections.
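An added illustration of the two halves of that no-SSH policy (this is not Twistlock's code; it assumes a Docker-style image config with the real `ExposedPorts` key shape, and the package list and runtime connection records are constructed samples):

```python
"""Registry-side and runtime checks for a 'no inbound SSH' policy.

Added example, not from the article or from Twistlock. The image config
uses the Docker config.json shape for ExposedPorts ({"22/tcp": {}});
the package inventory and connection records are constructed.
"""
import json

SSH_PORT = 22
SSH_PACKAGES = {"openssh-server", "dropbear", "sshd"}  # hypothetical deny-list

# Constructed image config fragment and package inventory for one image.
IMAGE_CONFIG = json.dumps(
    {"config": {"ExposedPorts": {"22/tcp": {}, "8080/tcp": {}}}})
IMAGE_PACKAGES = ["nginx", "openssh-server", "curl"]

# Constructed runtime records, as a flow log or process listing might yield.
RUNTIME_CONNECTIONS = [
    {"container": "web-1", "direction": "inbound", "dport": 8080, "process": "nginx"},
    {"container": "web-2", "direction": "inbound", "dport": 22, "process": "sshd"},
    {"container": "web-3", "direction": "outbound", "dport": 443, "process": "curl"},
]


def scan_image(config_json, packages):
    """Registry scan: list the reasons an image violates the no-SSH policy."""
    cfg = json.loads(config_json)
    findings = []
    for port in cfg.get("config", {}).get("ExposedPorts", {}):
        number, _, proto = port.partition("/")      # "22/tcp" -> ("22", "tcp")
        if number.isdigit() and int(number) == SSH_PORT and proto in ("", "tcp"):
            findings.append(f"exposes {port}")
    for pkg in packages:
        if pkg.lower() in SSH_PACKAGES:
            findings.append(f"installs {pkg}")
    return findings


def runtime_violations(connections):
    """Runtime check: containers accepting inbound SSH (by port or process)."""
    return sorted({c["container"] for c in connections
                   if c["direction"] == "inbound"
                   and (c["dport"] == SSH_PORT or c["process"] == "sshd")})


if __name__ == "__main__":
    print(scan_image(IMAGE_CONFIG, IMAGE_PACKAGES))  # ['exposes 22/tcp', 'installs openssh-server']
    print(runtime_violations(RUNTIME_CONNECTIONS))   # ['web-2']
```

A real deployment would read the image config from the registry's manifest and the connection records from the host's network or process telemetry; the policy logic itself is unchanged.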
There are ways to do this kind of monitoring manually, and many
organizations have successfully used Twistlock on other cloud platforms,
but the integration with Google Cloud Platform makes the entire process
easier and seamless, Wang said. Existing Google Cloud users will be
able to use the Google Cloud Launcher to deploy Twistlock Console and
Registry Scanner. Wang said the option will be available within the next
two weeks, but until then, users will have to go through Twistlock to
sign up for the 60-day free trial and receive the batch install script.
Developers are the primary driver for container adoption. The Twistlock
announcement won't necessarily increase adoption among organizations that
haven't already made the decision to use containers. But the
integration will help adoption among organizations that already use
containers because it eases their concerns about how to gain visibility
and control over the environment.
Source: http://www.infoworld.com