In this episode of The New Stack Analysts podcast, we explore a number of topics in the container security space, such as how containers are bolstering the security of today’s applications, the recent changes in container security platform Twistlock’s core feature set, and the need for partner integrations in today’s container-driven developer ecosystem.
Twistlock Chief Technology Officer John Morello shared his thoughts with TNS founder Alex Williams, in an interview to prepare for our most recent eBook: Networking, Security, and Storage with Docker and Containers.
The discussion can also be heard on YouTube.
Traditional security approaches, such as creating “allow lists,” can quickly become too complicated in today’s enterprise environments, Morello explained. “Usually, it involved some developer having to sit down with security analysts, describing how the application worked, what the requirements were. Analysts would then go into multiple, different tools, set up something in an IPS, and something in a firewall. Of course, that application would inevitably change over time, and those rules that were created on day one were no longer well-aligned on day 50,” said Morello.
Morello explained that as containers are immutable, they are easier to work with in this respect. “You’re not out servicing containers in the field,” Morello noted. Twistlock further improves how developers work with their container setup by automatically learning the overall security of one’s containers. “When a container is deployed, we put it into a learning mode state and observe the behavior and characteristics of what it’s doing. For example, if it’s a front end container, is it talking to a particular back end database?”
The apparent rapid adoption of containers is perhaps a misnomer, with Morello noting that Twistlock sees many users that are just beginning to implement containers into their application development strategy. “A lot of people think about, ‘Well, if I’m going to embrace CI/CD, that means I’m going to have to be doing a fundamentally different way of running my application. What we see is more so people kind of gradually getting into containers as they add new features to existing applications or re-factor existing applications.”
As the conversation drew to a close, Morello offered insight as to the security areas Twistlock sees its customers addressing most often. “Compliance and vulnerability management are the two primary focus groups we see with customers. It’s the largest area of unmet need. Even someone trying to do the right thing and build images from latest as the base layer, it’s going to be really hard to make sure those images are always up to date. You really have to have some tooling to help you do that as part of the build process itself.”
Twistlock is a sponsor of The New Stack.
Feature image via Pixabay.