Last week, Gartner released its 2018 Market Guide for Cloud Workload Protection Platforms (CWPP), which highlights trends in cloud security, recommendations for securing cloud workloads, and details about specific vendors addressing the needs around containers, cloud native applications, and serverless applications — Twistlock is proud to be listed specifically as a “container-focused” vendor for the second year in a row.
In the guide, Gartner speaks specifically about container security requirements:
CWPP vendors need to be able to provide visibility into containers and to distinguish and apply policies, based on individual containers, including network segmentation. This is an emerging critical requirement for organizations using containers to support microservices-style architectures and rapid DevSecOps workflows.
5 key takeaways for securing cloud workloads
While the guide touches on many recommendations for securing cloud workloads, I wanted to take the time to highlight several takeaways and trends that resonated with the team here at Twistlock.
1. Today’s solutions need to protect cloud native applications wherever they run: Enterprises across almost every industry vertical are modernizing their applications to leverage a combination of VMs, containers, and serverless. Recently, Twistlock CTO John Morello highlighted these technologies in the Continuum of Cloud-Native Topologies eBook:
Every organization is investing in software as a competitive differentiator for their business. This is driving great demand for platforms that enable developer agility and operational scale, which has led to a wide variety of choice for cloud native topologies.
Solutions addressing cloud workload protection need to protect workloads across all of these cloud native topologies — securing not only the underlying host, but also containers, the container orchestrator, and new serverless offerings like AWS Lambda. As enterprises choose multiple technologies to run their applications, security has to be a key focus up and down the stack.
2. Vulnerability scanning, especially during development, is a best practice for securing containers: The best way to shift security left, reduce costs, and improve code quality is to scan container images before they run in production. By setting quality gates during the CI/CD process, continuously monitoring the registry, and managing vulnerabilities at runtime, organizations can drastically enhance the security of their containers.
3. Application control and whitelisting is a core requirement: Gartner states that “the use of whitelisting to control what executables are run on a server provides an extremely powerful security protection strategy.” One of our biggest differentiators with Twistlock Runtime Defense is using machine learning to automatically build a model of every application in users’ environments. Models define all the known-good behaviors of containers, across process, network, file system, and system call sensors. As development and devops teams race to deploy applications more quickly, runtime defense scales security by preventing anomalous behavior and next generation attacks.
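The following is an added illustration of the allowlisting idea in takeaway 3, not Twistlock's code or its model format: it learns a known-good profile from a constructed set of process, network and file-system events, then checks later events against that profile and reports only the deviations. The event shape, the paths and hostnames, and the four sensor categories are assumptions made for this example.

```python
"""Learned-allowlist runtime check for a single container.

Added example, not Twistlock's code. The event dictionaries and the model
layout are assumptions constructed for this illustration.
"""

# Constructed baseline: events observed while the container behaved normally.
BASELINE_EVENTS = [
    {"type": "process", "exe": "/usr/sbin/nginx", "parent": "/sbin/tini"},
    {"type": "process", "exe": "/usr/sbin/nginx", "parent": "/usr/sbin/nginx"},
    {"type": "network", "direction": "listen", "port": 80},
    {"type": "network", "direction": "connect", "dst": "backend.svc", "port": 8080},
    {"type": "file", "op": "write", "path": "/var/log/nginx/access.log"},
    {"type": "file", "op": "write", "path": "/var/cache/nginx/tmp123"},
]

# Constructed runtime events: the first three match the baseline, the last
# two are the kind of deviation a defender wants flagged.
RUNTIME_EVENTS = [
    {"type": "process", "exe": "/usr/sbin/nginx", "parent": "/usr/sbin/nginx"},
    {"type": "file", "op": "write", "path": "/var/log/nginx/error.log"},
    {"type": "network", "direction": "connect", "dst": "backend.svc", "port": 8080},
    {"type": "process", "exe": "/bin/sh", "parent": "/usr/sbin/nginx"},
    {"type": "network", "direction": "connect", "dst": "unknown.example", "port": 9999},
]


def _parent_dir(path):
    """Directory part of an absolute path ('/a/b/c' -> '/a/b')."""
    return path.rsplit("/", 1)[0]


def learn_model(events):
    """Build an allowlist model: one set of known-good values per sensor."""
    model = {
        "process": set(),          # (exe, parent) pairs seen
        "listen": set(),           # ports the container listened on
        "connect": set(),          # (destination, port) pairs it connected to
        "file_write_dirs": set(),  # directories it wrote into
    }
    for ev in events:
        if ev["type"] == "process":
            model["process"].add((ev["exe"], ev["parent"]))
        elif ev["type"] == "network" and ev["direction"] == "listen":
            model["listen"].add(ev["port"])
        elif ev["type"] == "network" and ev["direction"] == "connect":
            model["connect"].add((ev["dst"], ev["port"]))
        elif ev["type"] == "file" and ev["op"] == "write":
            model["file_write_dirs"].add(_parent_dir(ev["path"]))
    return model


def check_event(model, ev):
    """Return None when the event fits the model, otherwise a short reason."""
    if ev["type"] == "process":
        if (ev["exe"], ev["parent"]) not in model["process"]:
            return f"unexpected process {ev['exe']} spawned by {ev['parent']}"
    elif ev["type"] == "network":
        if ev["direction"] == "listen" and ev["port"] not in model["listen"]:
            return f"unexpected listener on port {ev['port']}"
        if ev["direction"] == "connect" and (ev["dst"], ev["port"]) not in model["connect"]:
            return f"unexpected outbound connection to {ev['dst']}:{ev['port']}"
    elif ev["type"] == "file" and ev["op"] == "write":
        if _parent_dir(ev["path"]) not in model["file_write_dirs"]:
            return f"unexpected write outside learned directories: {ev['path']}"
    return None


def audit(model, events):
    """Run every event through the model and return the anomalies found."""
    return [r for r in (check_event(model, ev) for ev in events) if r is not None]


if __name__ == "__main__":
    learned = learn_model(BASELINE_EVENTS)
    for anomaly in audit(learned, RUNTIME_EVENTS):
        print("ALERT:", anomaly)
```

The model is deliberately coarse: file writes are allowlisted by directory rather than by exact filename, so log rotation does not produce an alert, while a new process lineage or a new outbound destination does. A real sensor would feed such a model continuously; the point here is that the "known good" set is learned from observation rather than written by hand.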
4. Enable DevSecOps by integrating security and leveraging automation: Developers and devops teams have been the primary drivers of container adoption in a push to deliver the greatest business value to customers as quickly as possible. DevSecOps embeds security right into today’s modern workflows without adding intense friction from the security side of the organization. By integrating with the tools developers are already using, like Jenkins for example, security becomes a standard and continual part of the build and deploy process. Automation, such as leveraging machine learning to whitelist container behavior, allows lean security teams to monitor and secure hundreds of hosts with thousands of containers.
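As an added example for takeaways 2 and 4 (not Twistlock's code, and not its report format), here is the shape of a CI quality gate: it reads a vulnerability scan report for an image, applies a severity policy, honours reviewer-accepted exceptions only until they expire, and exits non-zero so the build stage fails. The report layout, the policy keys and the finding identifiers are all constructed assumptions; the identifiers are placeholders, not real CVE numbers.

```python
"""CI quality gate over a container-image vulnerability scan report.

Added example, not Twistlock's code. The report format and policy keys are
assumptions constructed for this illustration; dates are ISO strings so
they compare correctly as plain text.
"""
import sys

# Constructed scan report, as a scanner step in the pipeline might emit it.
SCAN_REPORT = {
    "image": "registry.example.com/app:1.2.3",
    "findings": [
        {"id": "VULN-EXAMPLE-0001", "package": "openssl", "severity": "critical", "fix_available": True},
        {"id": "VULN-EXAMPLE-0002", "package": "libxml2", "severity": "high", "fix_available": False},
        {"id": "VULN-EXAMPLE-0003", "package": "curl", "severity": "high", "fix_available": True},
        {"id": "VULN-EXAMPLE-0004", "package": "bash", "severity": "medium", "fix_available": True},
    ],
}

# Constructed gate policy: no criticals, at most one high, and a time-boxed
# waiver for one finding that a reviewer has accepted.
GATE_POLICY = {
    "max_by_severity": {"critical": 0, "high": 1},
    "only_count_fixable": False,
    "accepted_risks": {"VULN-EXAMPLE-0002": "2018-12-31"},  # id -> expiry (ISO date)
}

SEVERITIES = ("low", "medium", "high", "critical")


def evaluate_gate(report, policy, today):
    """Return (passed, reasons) for a scan report under a gate policy.

    `today` is an ISO date string. A waiver counts only while it is unexpired,
    so a forgotten exception cannot keep a vulnerable image shippable forever.
    """
    counts = {sev: 0 for sev in SEVERITIES}
    for finding in report["findings"]:
        expiry = policy["accepted_risks"].get(finding["id"])
        if expiry is not None and today <= expiry:
            continue  # waiver still valid
        if policy["only_count_fixable"] and not finding["fix_available"]:
            continue  # policy chooses to ignore findings with no fix yet
        counts[finding["severity"]] += 1

    reasons = []
    for severity, limit in policy["max_by_severity"].items():
        if counts[severity] > limit:
            reasons.append(f"{counts[severity]} {severity} finding(s) exceed limit of {limit}")
    return (not reasons, reasons)


if __name__ == "__main__":
    passed, reasons = evaluate_gate(SCAN_REPORT, GATE_POLICY, "2018-06-01")
    print(SCAN_REPORT["image"], "PASS" if passed else "FAIL", reasons)
    sys.exit(0 if passed else 1)  # a non-zero exit fails the CI stage
```

Run as a pipeline step (for example a Jenkins `sh` step) the script's exit code is the gate; the same function can be reused against registry scan results so an image that was clean at build time is re-evaluated when new findings appear or when a waiver lapses.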
5. Compliance can’t be overlooked: The shift to microservices presents new needs and opportunities for compliance teams and enterprise architects. Emerging laws and compliance regulations like GDPR require organizations to control how data is accessed across different regions and environments with the ability to continuously monitor any changes and identify issues for remediation. Whether you’re looking to stay compliant with HIPAA, PCI, or other internal regimes, the shift to cloud native requires solutions to address compliance.
A full lifecycle approach to cloud native security
As companies move to containers and the cloud native ecosystem, an opportunity exists for stronger cybersecurity than ever before. By seamlessly integrating across the application delivery lifecycle, Twistlock ensures your containers and cloud native applications can be deployed fearlessly. Twistlock learns expected application behavior, and uses machine learning to model this behavior and automatically create and enforce whitelist-based runtime protection and firewalling.
This automated approach to security not only reduces the workload on security teams, but by profiling every application and flagging any anomalous behavior, ultimately delivers better security than ever before. Twistlock is proud to be listed as a representative vendor by Gartner in the official market guide.