Twistlock Adds Serverless Security to Flagship Cloud Security Platform

Twistlock Adds Serverless Security to Flagship Cloud Security Platform

Recently, Twistlock released a major update to their flagship software. Twistlock 2.3 added comprehensive intelligence tools and a thorough upgrade to various systems already in place. This update is aimed to provide customers with a more exhaustive cloud security platform.

Twistlock’s CTO, John Morello, stated, “Twistlock 2.3 is all about going deeper — taking existing features and broadening their capabilities, incorporating real-world threat research from Twistlock Labs, delivering Twistlock protection to new platforms, and responding to enterprise management requirements from our customers.”

Serverless security

One of the most significant additions to Twistlock is the new serverless security function. A few months ago, Twistlock released a version of their serverless security in beta. This beta was a rousing success and consumers were incredibly pleased. Thus, Twistlock took the positive feedback and decided to include fully supported vulnerability management for serverless functions built into 2.3.

Enhanced vulnerability analysis

In Twistlock’s previous update, 2.2, it was made easier to understand what image layers have vulnerabilities. 2.3 has improved this by introducing the ability to automatically correlate vulnerabilities to layers and provide this information to the right teams to correct them. Additionally, 2.3 provides a more thorough Vulnerability Explorer app, which scores what threats are the most pressing. The scores use attack vector, attack complexity, and the existence of exploit code as additional inputs when calculating risk scores.

Improvements to CNAF

Twistlock has improved their cloud-native app firewall (CNAF), which already provided layer 7 traffic inspection and protection. In 2.3 they’ve bolstered CNAF with anti-reconnaissance, anti-authentication grinding, and file upload filtering. These new features improve Twistlock’s ability to provide layer 7 protections for containerized apps, regardless of where they are.

App aware system call defense

2.3 also provides an enhanced app aware system call defense. They’ve re-architectured their system call runtime defense capabilities to be independent of the app frameworks and languages used. Whenever an app is opened, the program automatically injects the proper seccomp policy without any human interaction required. If a program has no app-specific policy, Twistlock injects a broadly-applicable policy so no protection is lost.

Upgraded logging and syslog data streams

Twistlock decided to improve their logging and syslog data streams in 2.3. In previous versions, they focused on finding active threats in the environment. Twistlock has listened to customer feedback and concluded that some of their users prefer their SIEM to collect verbose information about their environment. 2.3 includes an enhanced version of their syslog output to include detailed information about all process activity.

Read the full release.

Tyler W. Stearns

Tyler W. Stearns

Editor, DevOps & Network Monitoring at Solutions Review
Tyler is an enterprise technology writer and analyst covering DevOps and Network Monitoring at Solutions Review. He obtained a Bachelor of Arts Degree in English from the University of Massachusetts, Boston. You can reach him at tstearns@solutionsreview.com
Tyler W. Stearns

Leave a Reply

Your email address will not be published. Required fields are marked *