With the release of the Docker CIS Benchmark in 2015, organizations using containers could align on standard guidance for how to secure the container runtime. However, as the complexity of container deployments and rate of adoption has grown over the past two years, it’s become evident that it’s not only the container runtime – but the deployment model as well that could benefit from standardization.
Yesterday, the first version of the Kubernetes CIS Benchmark for 1.6 was released for this purpose – to provide the Kubernetes community a set of standards for securely deploying and managing container clusters. This new set of guidelines is a community driven effort to collect, review, and share Kubernetes related knowledge, and contains over 100 different guidelines to ensure Kubernetes clusters are secured against common misconfigurations and threats.
We at Twistlock actively participated in the effort by adding new guidelines based on customer feedback and experience. For example, we contributed control 1.6.4, which recommends micro network segmentation using network policies. This control reduces your exposure to lateral movement attacks, and increases the security of east/west data flow.
Whether or not your organization leverages Kubernetes, Twistlock can automatically enforce compliance policies across all stages of the container lifecycle. From day 1, we’ve offered native Docker CIS Benchmark support and templates for compliance to industry standards, and we’ll continue to evolve our offering.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Multiple Registry Scanners: 2.4 Deep Dive
At Twistlock, we’ve watched our customers implement security through...
The Challenges of Securing and Protecting Containers During Runtime
Containers deliver many advantages over virtual machines, but they als...
Infinite Scale and Multitenancy with Projects: 2.4 Deep Dive
At Twistlock, we’re working with enterprises across almost every ind...
Twistlock 2.4 Release Notes
Announcing Twistlock 2.4 We just signed off on Twistlock 2.4, the 13th...
5 Ways to Solve for Enterprise Cloud Security Challenges and Risks
Infrastructure as a Service (IaaS) clouds present a somewhat unique se...