Strong security isn’t about a single line of defense – it requires protection across multiple, redundant layers. Applications protected by Twistlock today are kept safe by our runtime defense capabilities – which use machine learning to automatically secure container applications. With Twistlock 2.1, we’re excited to take this protection even further – and provide another layer of security to our customers with the release of the Twistlock Cloud Native Application Firewall (CNAF).
The challenge with adapting traditional Web Application Firewalls to containers has been one of scale and information sharing. WAFs need to know how to filter and direct traffic for the applications they protect – what IPs are in use, and the anticipated routes of traffic. As your environment grows, these rules have to be updated with the latest, most accurate information to prevent rot – and a breakdown in security.
Twistlock’s CNAF is built for the Modern Enterprise
When running container applications at scale, the flows of traffic, and even the IP addresses of your applications isn’t something preset – Kubernetes or your other orchestration layer will shape this depending on the needs of the environment. This, plus the the rapid rate of scaling up/down in containerized environments – makes maintaining protection via a traditional WAF all but impossible.
To address that challenge, our team applied the same machine-learning driven analysis and security model creation that powers Twistlock today, and used this to create and enforce layer 7 rules via an application firewall. The CNAF runs within the Twistlock Defender, and like the rest of Twistlock, requires no changes to your environment nor manual configuration for it to begin filtering network traffic. The CNAF automatically learns about your applications and the contexts in which they run – and uses this to create its rules. Common attacks like SQL injection or XSS are stopped before they reach your containers – and malicious traffic is blocked as well.
The CNAF, coupled with Twistlock’s whitelist based protection of running applications, provides organizations using containers and other cloud native technologies industry-leading protection against known and 0-day threats. Over the next few weeks, we’ll go into more depth on how the CNAF works; use cases and real-world examples, as well as some of the other features you can see in Twistlock 2.1 — and what’s coming next. In the meantime, get in touch with questions, or request an evaluation license today.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Twistlock Releases Serverless Runtime Defense
A few months ago, we wrote a piece on “The Continuum of Cloud Native...
Why DevSecOps is No Longer Optional
DevSecOps has been a hot topic within tech conversations for a few yea...
Better Together: Announcing The Twistlock Advantage Program
It’s been about three years since we exited stealth with the first g...
My Security Toolset Today Vs 10 Years Ago
It can be easy to forget how sophisticated IT security tools are today...
How to crash the Linux Kernel with a CDROM interaction – CVE-2018-11506
I’ve recently discovered and reported a buffer overflow vulnerabilit...