Back in June when Twistlock came out of stealth mode. We explained that our vision is to make application containers secure so developers can focus on what they do best without worry.
Since then, we have been working diligently with a select group of beta customers to validate the value of our feature set as well as roadmap that span both the development and the run-time environments. This diverse group of 15 beta testers – a majority already deployed our product into their production environments – has confirmed we are hitting the sweet spot of their most pressing container security needs. Working with these customers helped to deepen our understanding of the security needs for enterprises and enrich our offerings (some of our newest features came out of concrete customer requests!). So with their backing and the completion of a successful beta program, today we are excited to announce the general availability of the Twistlock Container Security Suite for all organizations. In conjunction with this announcement, we are also adding Sonatype as a strategic partner to enrich our vulnerability management offerings. Finally, we announce that we have joined Google Cloud Platform partnership program and our technology is now available on Google Cloud Platform.
While we admit to being biased, we think this is a really big deal for the application development community. Let me tell you why.
First of all, we see containers as change agents for the way that applications are developed and deployed. Just as virtualization technology up-ended IT operations a decade or so ago, we at Twistlock believe that application container technology is poised to revolutionize DevOps yet again.
Some of the biggest users and purveyors of applications are already taking this path. For example, webscale companies like Netflix and Twitter create their in-house applications with containers. Also, major developers of commercial software applications utilize this technology. For example, BMC software recently announced that they have adopted Docker container technology in order to churn out more new products and faster updates to existing products. For many companies, containers are a business imperative to stay competitive in their markets.
Though containers have been around for a few years, we’re just seeing the tip of the iceberg for their potential. From Twistlock’s perspective, this is an exciting place to be right now.
To realize the full potential of containers, having robust security assurance is an absolute must. Enterprises can’t sacrifice security for the sake of faster application development and deployment. However, some of the companies may be at the risk of being forced to because their developers have adopted containers on their own initiatives and the company is turning into a de facto container-based company. On their own, containers don’t give the same visibility and control that enterprise Ops and Security are accustomed to. Twistlock is addressing some of these gaps, but the more important part is that we’re not just plugging the hole—we’re innovating in this space. Let me give you my perspective on what sets Twistlock apart.
We are aligning our product suite with the security risks that we see as being most critical at this time. The areas that we address today are vulnerability management for containers; security hardening, not just for the containers themselves but also for their contents and the environments they run on; and advanced authentication and authorization capabilities to enable you to have more fine-grained active control in the environment and also to integrate with other established enterprise systems like Kerberos and LDAP.
One of the truly unique aspects of Twistlock’s solution is that we make it easy to secure your environment throughout the entire development and operational lifecycle. Traditional security mechanisms tend to be in one stage or the other: Firewalls are an Ops-only technology, while static application scanning is a dev only technology. Each is valuable but they miss a force-multiply opportunity by not being able to see into and effect other stages of the lifecycle. From the very beginning, we built a solution that really caters to how DevOps work, our dev-to-production vantage point and integration allows developers to impact runtime security in a way that is not previously possible.
There’s real opportunity for innovation in container security. If we do things right, it’s not just an innovation for application development or application deployment—it’s innovation for how security is introduced in enterprise computing in general. We believe that the downstream impact of this new mindset is game changing.
Twistlock is open for general business. If you’d like to learn more about how the Twistlock Container Security Suite can help your business, contact us to get a free trial at https://www.twistlock.com/get-twistlock/
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
Baking Compliance in your CI/CD PipelineRead the Blog
Serverless Security Suggestions: Tips for Keeping Serverless Functions SecureRead the Blog
Why a Common Security Toolset is Essential for DevSecOpsRead the Blog
Putting the “Ops” in DevSecOps: Why It’s Hard and How to Do ItRead the Blog
Why the Point Solution Mindset for IT Security is DeadRead the Blog