Back in June when Twistlock came out of stealth mode. We explained that our vision is to make application containers secure so developers can focus on what they do best without worry.
Since then, we have been working diligently with a select group of beta customers to validate the value of our feature set as well as roadmap that span both the development and the run-time environments. This diverse group of 15 beta testers – a majority already deployed our product into their production environments – has confirmed we are hitting the sweet spot of their most pressing container security needs. Working with these customers helped to deepen our understanding of the security needs for enterprises and enrich our offerings (some of our newest features came out of concrete customer requests!). So with their backing and the completion of a successful beta program, today we are excited to announce the general availability of the Twistlock Container Security Suite for all organizations. In conjunction with this announcement, we are also adding Sonatype as a strategic partner to enrich our vulnerability management offerings. Finally, we announce that we have joined Google Cloud Platform partnership program and our technology is now available on Google Cloud Platform.
While we admit to being biased, we think this is a really big deal for the application development community. Let me tell you why.
First of all, we see containers as change agents for the way that applications are developed and deployed. Just as virtualization technology up-ended IT operations a decade or so ago, we at Twistlock believe that application container technology is poised to revolutionize DevOps yet again.
Some of the biggest users and purveyors of applications are already taking this path. For example, webscale companies like Netflix and Twitter create their in-house applications with containers. Also, major developers of commercial software applications utilize this technology. For example, BMC software recently announced that they have adopted Docker container technology in order to churn out more new products and faster updates to existing products. For many companies, containers are a business imperative to stay competitive in their markets.
Though containers have been around for a few years, we’re just seeing the tip of the iceberg for their potential. From Twistlock’s perspective, this is an exciting place to be right now.
To realize the full potential of containers, having robust security assurance is an absolute must. Enterprises can’t sacrifice security for the sake of faster application development and deployment. However, some of the companies may be at the risk of being forced to because their developers have adopted containers on their own initiatives and the company is turning into a de facto container-based company. On their own, containers don’t give the same visibility and control that enterprise Ops and Security are accustomed to. Twistlock is addressing some of these gaps, but the more important part is that we’re not just plugging the hole—we’re innovating in this space. Let me give you my perspective on what sets Twistlock apart.
We are aligning our product suite with the security risks that we see as being most critical at this time. The areas that we address today are vulnerability management for containers; security hardening, not just for the containers themselves but also for their contents and the environments they run on; and advanced authentication and authorization capabilities to enable you to have more fine-grained active control in the environment and also to integrate with other established enterprise systems like Kerberos and LDAP.
One of the truly unique aspects of Twistlock’s solution is that we make it easy to secure your environment throughout the entire development and operational lifecycle. Traditional security mechanisms tend to be in one stage or the other: Firewalls are an Ops-only technology, while static application scanning is a dev only technology. Each is valuable but they miss a force-multiply opportunity by not being able to see into and effect other stages of the lifecycle. From the very beginning, we built a solution that really caters to how DevOps work, our dev-to-production vantage point and integration allows developers to impact runtime security in a way that is not previously possible.
There’s real opportunity for innovation in container security. If we do things right, it’s not just an innovation for application development or application deployment—it’s innovation for how security is introduced in enterprise computing in general. We believe that the downstream impact of this new mindset is game changing.
Twistlock is open for general business. If you’d like to learn more about how the Twistlock Container Security Suite can help your business, contact us to get a free trial at https://www.twistlock.com/get-twistlock/
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Cryptomining Malware Emerges
I have been watching for the spread of malware that, primarily, uses c...
Calling the Twistlock API from PowerShell
The Problem This morning, a colleague was looking for situations where...
What Makes Distributed Security ‘Cloud Native’: Podcast Overview
I caught up with Scott Fulton III on this edition of The New Stack Mak...
Reflections on the 20th Anniversary of Open Source Technology
Exactly twenty years ago in February 1998, the term “open source” ...
Enhanced Syslog Data Streams: 2.3 Deep Dive
In each of our Twistlock releases, we publish some truly remarkable fe...