UPDATED 09:00 EST / JANUARY 03 2018

CLOUD

Twistlock updates container security platform with protection for serverless deployments

Container security company Twistlock Ltd. today updated its namesake platform with a new release that aims to beef up security for serverless computing functions and help companies meet their compliance obligations.

The Twistlock 2.3 release also comes with enhancements to its runtime defense based on real-world research into security vulnerabilities, along with updates to its cloud-native application firewall.

Twistlock is a security startup focused on software containers, which are popular with developers as they allow for their applications to be built just once and run on any operating system. The company has raised $30 million in funding to date, most recently landing $17 million in a round led by Polaris Partners last April. Its platform helps companies detect vulnerabilities and other problems in their container deployments, with an emphasis on identifying operational problems that violate compliance requirements.

With the update, Twistlock is enabling vulnerability management for serverless functions for the first time. Serverless computing is an architecture that’s growing in popularity with container developers, because the code execution is fully managed by cloud providers, which means they don’t have to worry about managing, provisioning or maintaining the servers that run their apps. Twistlock said it’s using same data sources for identifying vulnerabilities in serverless functions that it uses for container image analysis. The platform now supports AWS Lambda, Azure Functions and Google Cloud Functions, with scanning integrated into continuous integration and continuous development processes.

The second major update pertains to Twistlock’s Runtime Defense feature, which uses machine learning-generated app models to provide automatic protection against attacks. With Twistlock 2.3, Runtime Defense adds specific heuristics for attack scenarios observed in the wild, so it can protect its customers from these known attacks.

“Twistlock 2.3 equips our customers with deeper defense, more actionable knowledge, and intelligent tools to deliver protection to their cloud native stacks, from top to bottom,” said John Morello, Twistlock’s chief technology officer.

Twistlock has also updated its Cloud Native App Firewall with layer 7 traffic inspection and protection capabilities that remain bound to each individual application, regardless of cloud its deployed on or the IP address it’s using. The update also comes with additional protective capabilities including anti-reconnaissance, anti-authentication grinding and file upload filtering.

In addition, Twistlock is adding something called built-in compliance templates to help ensure its customers can adhere to PCI and HIPAA regulations. These templates are built into Twistlock’s existing compliance framework and cover more than 200 best practices from CIS benchmarks for Docker, Kubernetes and Twistlock Labs research.

Image: Pexels/Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU