With the release of the Docker CIS Benchmark in 2015, organizations using containers could align on standard guidance for how to secure the container runtime. However, as the complexity of container deployments and rate of adoption has grown over the past two years, it’s become evident that it’s not only the container runtime – but the deployment model as well that could benefit from standardization.
Yesterday, the first version of the Kubernetes CIS Benchmark for 1.6 was released for this purpose – to provide the Kubernetes community a set of standards for securely deploying and managing container clusters. This new set of guidelines is a community driven effort to collect, review, and share Kubernetes related knowledge, and contains over 100 different guidelines to ensure Kubernetes clusters are secured against common misconfigurations and threats.
We at Twistlock actively participated in the effort by adding new guidelines based on customer feedback and experience. For example, we contributed control 1.6.4, which recommends micro network segmentation using network policies. This control reduces your exposure to lateral movement attacks, and increases the security of east/west data flow.
Whether or not your organization leverages Kubernetes, Twistlock can automatically enforce compliance policies across all stages of the container lifecycle. From day 1, we’ve offered native Docker CIS Benchmark support and templates for compliance to industry standards, and we’ll continue to evolve our offering.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Securing Istio with Twistlock
This article is about Istio, a new service mesh management platform th...
Twistlock Releases Serverless Runtime Defense
A few months ago, we wrote a piece on “The Continuum of Cloud Native...
Why DevSecOps is No Longer Optional
DevSecOps has been a hot topic within tech conversations for a few yea...
Better Together: Announcing The Twistlock Advantage Program
It’s been about three years since we exited stealth with the first g...
My Security Toolset Today Vs 10 Years Ago
It can be easy to forget how sophisticated IT security tools are today...