PORTLAND, Ore., June 25, 2019 (GLOBE NEWSWIRE) -- Twistlock, the leading provider of container and cloud-native security solutions, today announced the availability of Twistlock 19.07. This release builds on the existing cloud-native network firewall (CNNF) to provide enhanced visualization and manageability, adds threat visualization radar for serverless, automated image trust policies, and broader forensic data collection.
“Technology innovation leaders are keen to invest in cloud-native infrastructure technologies to increase software velocity, enable developer agility, application scalability and resilience, and reduce technical debt. By 2022, more than 75% of global organizations will be running containerized applications in production, which is a significant increase from fewer than 30% today.” Gartner, Top Emerging Trends in Cloud-Native Infrastructure1
“With the release of Twistlock 19.07, we’re continuing to both broaden and deepen our platform, protecting the entire continuum of compute options for cloud native apps,” said John Morello, Twistlock Chief Technology Officer. “19.07 provides customers with unique security capabilities, such as security visualization for serverless and automated learning of what images should be allowed to run, delivering on our mission to provide best in class automation, visibility, and prevention.”
Forensics v2
In 19.07, we’ve significantly expanded the scope of monitored data, while continuing to focus on actionability. Rather than simply collecting generic monitoring data, only some of which has a security investigative purpose, we’re intentionally focused on collecting the kinds of data used for actual incident response. We leveraged the skills and experiences of our accomplished Twistlock Labs research team (who’ve discovered more than 15 CVEs in Linux, Kubernetes, and OpenShift) as well as veterans of the Microsoft Enterprise Cybersecurity Group, to optimize the forensic package to be comprehensive, yet lightweight.
Deeper and Broader Windows Support
Recently we’ve seen an increase in the number of customers using Windows in cloud native scenarios, so in 19.07 we’ve invested in adding to our existing Windows feature set. Improvements include:
- Production version of CNNF for Windows
- Compliance checks for Windows covering Automatic Updates, Windows Firewall, and Windows Defender configuration
- Augmentation of MSRC (Microsoft Security Response Center) vulnerability feed data with NVD CVSS scoring to provide per-CVE scoring for CVEs fixed in Microsoft rollup packages
- Support for Jenkins on Windows
- Enhanced risk scoring for Windows vulnerabilities
- Windows Server 2019 support
Serverless Radar
Serverless Radar uses existing provider APIs to discover the invocation methods for each function and the services they communicate with, and draws them in a three pane view. The leftmost pane contains the invocation methods, like API Gateway. In the middle pane are the functions themselves, color coded by vulnerability, compliance, or runtime state. On the right pane are the backend services the functions communicate with, such as S3. Between the panes are lines connecting methods to functions to services, allowing security teams to visualize the entire connectivity flow and access rights.
Trusted Images v2
Twistlock will automatically learn the origin of all the images in use across your environment, summarize them (such that future versions of the same app will be included), and suggest a policy that only allows these images to run. The new rule based policy makes it easy to override and supplement this learned list to explicitly allow or deny additional entries and control how they’re applied across different nodes in your clusters. As new apps are deployed, Twistlock makes it easy to automatically relearn the baseline at any time without having to manually specify each new source in policy.
Additional new features and capabilities available in Twistlock 19.07 include:
- Deploy and manage Defender DaemonSets directly from the UI
- Automatic selection and load balancing of registry and serverless scanners
- Vulnerability risk scoring based on whether components are actively running within a host or container
- Improvements to searching and filtering in container and host Radar
- Timestamping of vulnerability discovery dates to enable compliance reporting
- Separate, dedicated compliance policy for functions
- Improvements to cloud discovery alerting
To learn more about Twistlock 19.07, please visit our website.
1Source: Gartner, “Top Emerging Trends in Cloud-Native Infrastructure”, Arun Chandrasekaran, Wataru Katsurashima, 28 May 2019.
About Twistlock
Trusted by more than 35% of the Fortune 100, Twistlock is the world's first truly comprehensive cloud native security platform, providing holistic coverage across hosts, containers, and serverless in a single platform. Twistlock is cloud-native and API-enabled itself, protecting all your workloads regardless of what underlying compute technology powers them. For more information, please visit www.twistlock.com.
For press inquiries:
Meghan Marks
Meghan@twistlock.com