I caught up with Scott Fulton III on this edition of The New Stack Makers podcast to discuss what makes distributed security ‘Cloud Native’, and why cloud native architectures are inherently more secure.
Check out the full article here and some of the talking points below:
[2:30] Twistlock is Cloud Native Cybersecurity. We chose the term ‘cloud native’ because of the Cloud Native Computing Foundation (CNFC), and the focus that it has. We look to address anything that is a native part of the CNCF stack.
[4:00] Twistlock started with a focus on securing containers, and while containers are still a critical and a foundational part of what we do, Twistlock is ‘cloud native cybersecurity’ because we recognize that customers take a broader approach. We look at the entire stack of modern cloud native architecture.
[6:10] Serverless functions have a lot of advantages, but are not always what you need. We’re seeing that customers are taking an “all of the above” approach and are using the right parts of the stack for the right parts of their problems they want to solve.
[9:20] A lot of the technologies and procedures that devops enable are fundamentally about getting developers closer to the customer, meaning that developers need to be more security conscious today than they may have had to in the past. [11:30] This has guided a lot of what we’ve done with our product in that we’re not only trying to provide a comprehensive security platform that appeals to CISOs, but also a native, integrated experience for developers.
[20:40] Containers are predictable, and that predictability is one of the things that allows us to do security in a more scalable and automated way than traditional systems. We’re taking advantage of the characteristics of containers.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Cryptomining Malware Emerges
I have been watching for the spread of malware that, primarily, uses c...
Calling the Twistlock API from PowerShell
The Problem This morning, a colleague was looking for situations where...
Reflections on the 20th Anniversary of Open Source Technology
Exactly twenty years ago in February 1998, the term “open source” ...
Enhanced Syslog Data Streams: 2.3 Deep Dive
In each of our Twistlock releases, we publish some truly remarkable fe...
A Checklist for DevSecOps When Choosing a Container Security Provider
If there was ever a time when integrating security into DevOps was str...