As images are built Twistlock has the ability to analyze the image and publish the analysis results in the console. Plus, even if you don’t have access to the console or need to distribute this information to a wide range of resources, Twistlock has the ability to setup email alerts on a schedule that you can control.
This can be useful if, for instance, the Security team wants to be notified every Monday of any new images and the state of images pushed over the weekend. No problem-you can tailor the Alert Settings to your needs, whatever that scenario may be. Here’s how:
Simply browse to Configure -> System -> Alerts and then click the “Settings” button.
From there specify your desired Alert Settings, and then click Save. Note the Aggregate alerts every Section. Alerts received during the given period are aggregated into a single email. For each alert profile, an email is sent immediately when the first alert is received. All subsequent emails are sent once per period.
From this point, you now want to start adding in Alert Profiles for different groups you need to Alert. So simply click “Add Profile” to begin.
Once in the “Create a New Profile” window, add in a new recipient and click the + sign, and then click “Save” when you are all done. If you want to get alerted on Defender Health, toggle the “Alert on Defender health events” button to “On”.
Once you have your Alert Profiles defined, you can start adding policies to them. So in this example, I just added the “Michael” Alert Profile to the Default policy that is set to Alert on Low Severity OS package vulnerabilities and a couple other things.
An now I am getting alerts in my email. When you look at the email it is broken down via the Image in this case Image: docker.io/library/jenkins:latest. Finally, we segment out newly discovered CVE’s since the last scan, and previously discovered CVE’s. Voila! There you have it.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Serverless Comparison: Lambda vs. Azure vs. GCP vs. OpenWhisk
Serverless computing adoption is growing at exponential rates. As with...
DevSecOps in Practice
If you understand DevOps, you probably also intuitively understand Dev...
Squaring the Circle: Making CI/CD Fast and Secure
Today, most DevOps teams place priorities on software delivery speed a...
Securing Istio with Twistlock
This article is about Istio, a new service mesh management platform th...
Twistlock Releases Serverless Runtime Defense
A few months ago, we wrote a piece on “The Continuum of Cloud Native...