Gartner recently released its March 2018 Market Guide for Cloud Workload Protection Platforms, which highlights trends in cloud security, recommendations for securing cloud workloads, and details about specific vendors addressing the needs around containers, cloud native applications, and serverless applications. Gartner acknowledges Twistlock as a Representative Vendor for cloud workload protection platforms.*
In the Market Guide for Cloud Workload Protection Platforms, Gartner states:
“Server workloads in hybrid data centers spanning private and public clouds require a protection strategy different from end-user-facing devices. Security and risk management leaders should evaluate and deploy offerings specifically designed for cloud workload protection.”
5 key takeaways for securing cloud workloads
While the guide touches on many recommendations for securing cloud workloads, I wanted to take the time to highlight several takeaways and trends that resonated with the team here at Twistlock.
1. Today’s solutions need to protect cloud native applications wherever they run: Enterprises across almost every industry vertical are modernizing their applications to leverage a combination of VMs, containers, and serverless. Recently, Twistlock CTO John Morello highlighted these technologies in the Continuum of Cloud-Native Topologies eBook:
“Every organization is investing in software as a competitive differentiator for their business. This is driving great demand for platforms that enable developer agility and operational scale, which has led to a wide variety of choice for cloud native topologies.”
As enterprises choose multiple technologies from VMs to containers to serverless to run their applications, security has to be a key focus up and down the stack.
2. Vulnerability scanning, especially during development, is a best practice for securing containers: The best way to shift security left, reduce costs, and improve code quality is to scan container images before they run in production. By setting quality gates during the CI/CD process, continuously monitoring the registry, and managing vulnerabilities at runtime, organizations can drastically enhance the security of their containers.
3. Use of application control and whitelisting is a recommendation: Containers and cloud native applications present incredible opportunities for automation and machine learning to model behavior across process, network, file system, and system call sensors — a capability we call Runtime Defense. As development and devops teams race to deploy applications more quickly, runtime defense scales security by preventing anomalous behavior and next generation attacks.
4. Enable DevSecOps by integrating security and leveraging automation: Developers and devops teams have been the primary drivers of container adoption in a push to deliver the greatest business value to customers as quickly as possible. DevSecOps embeds security right into today’s modern workflows without adding intense friction from the security side of the organization. By integrating with the tools developers are already using, like Jenkins for example, security becomes a standard and continual part of the build and deploy process. Automation, such as leveraging machine learning to whitelist container behavior, allows lean security teams to monitor and secure hundreds of hosts with thousands of containers.
5. Compliance can’t be overlooked: The shift to microservices presents new needs and opportunities for compliance teams and enterprise architects. Emerging laws and compliance regulations like GDPR require organizations to control how data is accessed across different regions and environments with the ability to continuously monitor any changes and identify issues for remediation. Whether you’re looking to stay compliant with HIPAA, PCI, or other internal regimes, the shift to cloud native requires solutions to address compliance.
A full lifecycle approach to cloud native security
As companies move to containers and the cloud native ecosystem, an opportunity exists for stronger cybersecurity than ever before. By seamlessly integrating across the application delivery lifecycle, Twistlock ensures your containers and cloud native applications can be deployed fearlessly. Twistlock learns expected application behavior, and uses machine learning to model this behavior and automatically create and enforce whitelist based runtime protection and firewalling.
*Gartner, Inc., Market Guide for Cloud Workload Protection Platforms, Neil MacDonald, 26 March 2018.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Twistlock Releases Serverless Runtime Defense
A few months ago, we wrote a piece on “The Continuum of Cloud Native...
Why DevSecOps is No Longer Optional
DevSecOps has been a hot topic within tech conversations for a few yea...
Better Together: Announcing The Twistlock Advantage Program
It’s been about three years since we exited stealth with the first g...
My Security Toolset Today Vs 10 Years Ago
It can be easy to forget how sophisticated IT security tools are today...
How to crash the Linux Kernel with a CDROM interaction – CVE-2018-11506
I’ve recently discovered and reported a buffer overflow vulnerabilit...