With the release of the Docker CIS Benchmark in 2015, organizations using containers could align on standard guidance for how to secure the container runtime. However, as the complexity of container deployments and rate of adoption has grown over the past two years, it’s become evident that it’s not only the container runtime – but the deployment model as well that could benefit from standardization.
Yesterday, the first version of the Kubernetes CIS Benchmark for 1.6 was released for this purpose – to provide the Kubernetes community a set of standards for securely deploying and managing container clusters. This new set of guidelines is a community driven effort to collect, review, and share Kubernetes related knowledge, and contains over 100 different guidelines to ensure Kubernetes clusters are secured against common misconfigurations and threats.
We at Twistlock actively participated in the effort by adding new guidelines based on customer feedback and experience. For example, we contributed control 1.6.4, which recommends micro network segmentation using network policies. This control reduces your exposure to lateral movement attacks, and increases the security of east/west data flow.
Whether or not your organization leverages Kubernetes, Twistlock can automatically enforce compliance policies across all stages of the container lifecycle. From day 1, we’ve offered native Docker CIS Benchmark support and templates for compliance to industry standards, and we’ll continue to evolve our offering.
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
2019 Gartner Market Guide for CWPP: What You Need to KnowRead the Blog
Key Differences in Security, Management for Serverless vs. ContainersRead the Blog
Docker vs. KubernetesRead the Blog
How Cloud Workload Protection is Different than Application SecurityRead the Blog
Zero-Trust Security: What It Means and How to Achieve ItRead the Blog