TNS
VOXPOP
Will JavaScript type annotations kill TypeScript?
The creators of Svelte and Turbo 8 both dropped TS recently saying that "it's not worth it".
Yes: If JavaScript gets type annotations then there's no reason for TypeScript to exist.
0%
No: TypeScript remains the best language for structuring large enterprise applications.
0%
TBD: The existing user base and its corpensource owner means that TypeScript isn’t likely to reach EOL without a putting up a fight.
0%
I hope they both die. I mean, if you really need strong types in the browser then you could leverage WASM and use a real programming language.
0%
I don’t know and I don’t care.
0%
Containers / Security

Amazon Containers Now Can Be Secured with Twistlock

Dec 21st, 2015 4:24pm by
Featued image for: Amazon Containers Now Can Be Secured with Twistlock

To enhance security around its newly-launched Docker Container Registry, Amazon Web Services offers the ability to scan containers  for security vulnerabilities, thanks to a partnership with Twistlock.

AWS’ EC2 Container Registry, which AWS announced in October, is among a growing number of cloud services that rely on Twistlock to help users secure their containers. Last month, the Google Container Registry added Twistlock, and Docker supports the technology for its own registry, as well.

“Many customers already have a multi-cloud strategy and this platform-independent approach is an important way to provide consistent security across all those clouds,” wrote John Morello, Twistlock’s chief technology officer, in a blog post announcing the new offering. “One Twistlock instance can protect containers, hosts and images across all the various clouds your organization is running on.”

Twistlock is one of a number of companies seeking to address the issue of securing containers, which has become an increasing concern as more container-based workloads are moving into production. Both CoreOS and Docker have released their own scanners, both of which compare the contents of a container against a database of known vulnerabilities.

Twistlock’s service also scans for vulnerabilities and does so while folded into the user’s continuous integration process. In addition, Twistlock also offers an advanced access control, using permissions set by the organization’s Lightweight Directory Access Protocol (LDAP) -based directory. The service also offers the ability to monitor containers in operation, to guard against any malicious activity happening during runtime.

“Amazon ECR allows Amazon users to use Amazon credentials to handle images within AWS Container Registry. Twistlock can now also handle Amazon credentials and authentication tokens. Using Amazon credentials, you can point [Twistlock] to scan images in the AWS Container Registry regardless where Twistlock is installed,” wrote Chenxi Wang in a follow-up e-mail.

To get started on Twistlock, the user needs to install the Twistlock software, which runs inside a container. The software is available on the Amazon partner network. Then import a Kerberos client certificate to Twistlock, so the software can proxy Docker client to Docker daemon traffic. No agents are required on the host, nor do the containers being monitored need any additional preparation. Everything is done through the Docker and Linux APIs.

More details on how to implement the service can be found on the company’s web site.

CoreOS and Docker are sponsors of The New Stack.

Feature Image via Pixabay.

Group Created with Sketch.
TNS owner Insight Partners is an investor in: The New Stack, Docker.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.