Application Security

Twistlock Enhances Visibility into Multicloud, Istio, Kubernetes

10 Dec 2018 12:35pm, by

Cloud Discovery, an open source tool that cloud native security vendor Twistlock released a few weeks ago, is just one of the new features in its latest security platform release, version 18.11.

“As people start adopting all these cloud-native services — containers, serverless — and most organizations we deal with are intentionally multicloud, the potential permutations of where their stuff is can be is huge. Every one of those platforms has dozens of regions, and every region has several different services or more, and you may have different accounts for different teams. So it’s very hard [to really know] what’s out there,” said Twistlock Chief Technology officer John Morello.

Called Cloud Platform Compliance, it allows customers to centrally discover all cloud native services in use across AWS, Microsoft Azure, and Google Cloud Platform (GCP) in a visual way on the Radar dashboard.

It’s integrated the tool into its enterprise product with continuous monitoring and added alert integration so you can send alerts to sites such as JIRA, Slack and PagerDuty.

It’s also enhanced the visibility into the interconnectivity between services in the Istio service mesh. Morello will be speaking at Kubecon + CloudNativeCon North America on Thursday about Istio as a firewall.

“In 18.11, integration with Istio is focused on two main areas: You can automatically discover the Istio mesh topology. We show that in what we call our Radar view. It’s kind of a Google map of your environment…. You can see all the pods you’re managing with Istio, you can see all the interconnectivity between them, service roles, HTTP methods that are allowed and visualize and understand what your Istio topology actually looks like and how components interact with each other,” he said.

The second part is related to compliance. Its research team looked at all the possible risks for Istio and the company built more than a dozen specific compliance checks for Istio. It adds to the Twistlock library of more than 300 compliance checks for Kubernetes, Docker and Linux that enable users to look for and enforce security policy.

“It’s not looking for vulnerabilities per se,” he said, “but with any technology, you can configure it well or you can configure it poorly. With a new technology, a lot of times people don’t know what’s good and what’s bad. We try to make sure they know what best practices are and to be able to monitor that automatically.”

It’s also added Kubernetes service account monitoring and visualization with integration with its Radar dashboard.We’re overlaying that with service account awareness. You can see within your cluster what accounts, …what pods hold what service tokens, what rights that bestows upon them, what elevation of permissions they have if they’re overly permissioned. Like with Istio, the ability to visualize and understand your environment like you haven’t been able to do. Before you were looking at dozens of YAML files. For security folks who aren’t looking at DevOps artifacts, it’s really hard to know what the environment is by doing that,” Morello said.

Integrations with Prometheus, AWS Security Hub, IBM Security advisor. Cloud-native app firewall that works with AWS Fargate. Support for Lambda Layers, a way to have a reusable component that’s dynamically composed into your function at runtime.

It’s also added support for Pivotal Cloud Foundry PAS (Pivotal Application Service) and integrations with Prometheus monitoring, AWS Security Hub and IBM Cloud Security Advisor.

451 Research security analyst Fernando Montenegro notes the market for container security is becoming increasingly crowded, but noted Twistlock’s support for new technologies such as serverless and managed serverless environments.

“While the adoption of Kubernetes and cloud native technologies for production workloads have increased exponentially, security and compliance remain key hurdles to mass production deployments,” Montenegro said. “Twistlock has shown momentum with the cloud providers, ISVs, and open source tools driving the cloud native movement. We believe that this coming year we’ll see more emphasis on security for containers and cloud native applications than ever before.”

A relatively small company, it competes with the likes of Aqua Security, Google and Red Hat in the large category — cloud security vendors with more than $10 million in annual category revenue — in Forrester’s Q4 Container Security report.

Back in August, Twistlock announced a cloud native app firewall that works with Fargate, the AWS container-as-a-service offering, and AWS Lambda Layers, which provides a way to have a reusable component that’s dynamically composed into your function at runtime. Its Defender protection runs as one of those layers.

The Portland, Ore.-based company raised an additional $33 million in a Series C round in August, bringing its total funding to $63 million.

Twistlock is a sponsor of The New Stack.

Feature image via Pixabay.

A newsletter digest of the week’s most important stories & analyses.

View / Add Comments

Please stay on topic and be respectful of others. Review our Terms of Use.