With the release of the Docker CIS Benchmark in 2015, organizations using containers could align on standard guidance for how to secure the container runtime. However, as the complexity of container deployments and rate of adoption has grown over the past two years, it’s become evident that it’s not only the container runtime – but the deployment model as well that could benefit from standardization.
Yesterday, the first version of the Kubernetes CIS Benchmark for 1.6 was released for this purpose – to provide the Kubernetes community a set of standards for securely deploying and managing container clusters. This new set of guidelines is a community driven effort to collect, review, and share Kubernetes related knowledge, and contains over 100 different guidelines to ensure Kubernetes clusters are secured against common misconfigurations and threats.
We at Twistlock actively participated in the effort by adding new guidelines based on customer feedback and experience. For example, we contributed control 1.6.4, which recommends micro network segmentation using network policies. This control reduces your exposure to lateral movement attacks, and increases the security of east/west data flow.
Whether or not your organization leverages Kubernetes, Twistlock can automatically enforce compliance policies across all stages of the container lifecycle. From day 1, we’ve offered native Docker CIS Benchmark support and templates for compliance to industry standards, and we’ll continue to evolve our offering.
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
Baking Compliance in your CI/CD PipelineRead the Blog
Serverless Security Suggestions: Tips for Keeping Serverless Functions SecureRead the Blog
Why a Common Security Toolset is Essential for DevSecOpsRead the Blog
Putting the “Ops” in DevSecOps: Why It’s Hard and How to Do ItRead the Blog
Why the Point Solution Mindset for IT Security is DeadRead the Blog