More and more businesses are adopting a container strategy, but this leads to problems for operations and security staff seeking to maintain control and visibility.
Container security specialist Twistlock released its Container Security Suite in beta back in May and has now announced general availability of the product along with its participation in the Google Cloud Platform partner program.
"Containers bring unprecedented speed and agility that allow DevOps to quickly respond to changing business needs. But organisations are concerned about the robustness of policy management and the ability to support organisational compliance needs," says Ben Bernstein, CEO and co-founder of Twistlock. "This integration is significant because Google Cloud Platform users can use Twistlock technologies to have the visibility and controls they need to maximise business efficiency and potential for innovations".
Integration with Google Cloud Platform (GCP) provides container image scanning, access control functions, and the ability to enforce runtime security policies to protect containerised applications running on GCP.
Twistlock allows users to scan images in Google Container Registry for CVEs (Common Vulnerabilities and Exposures) and for policy compliance. They can also detect anomalies in a running Container Engine cluster and take automated corrective actions, such as raising an alert or disconnecting the container’s network access. In addition, it can generate reports of policy violations in both Container Registry and Container Engine.
For users there are three parts to Twistlock for GCP: a Registry Scanner that performs vulnerability scanning for container registries; the Twistlock Console, which is both a policy configuration portal and a central dashboard for all Twistlock tasks; and Twistlock Defender, which runs on the same host as protected container workloads and monitors container health, applies configuration policies, and reports container information back to the console.