This technical deep dive highlights key capabilities released as part of Twistlock 2.5. To learn more about what’s included with Twistlock 2.5, check out our full release blog post.
Continuing our series of blog posts on our most recent 2.5 feature set is an overview of Twistlock Radar v3. This blog will cover the enhancements made to our Radar view that shows how your application actually communicates along with its state. Users can easily learn: Is the container or application vulnerable, how compliant is it, and with what else does it communicate with?
An overview of Radar
Let’s start with the name. Runtime Radar 3: Rise of the Machines was my first choice of name for this feature. Closely followed by Runtime Radar and the Last Crusade. Finally I submitted Radar III (inspired by either of those classic movies Rocky III or Rambo III). For some unknown reason, Twistlock wanted something descriptive and accurate rather than just harking back to classic 80s films of my youth.
For those of you new to Twistlock, Radar is the main overview of your estate and shows all the images with running containers. Radar shows the network connectivity between containers as well as the real time compliance and vulnerability state. Here’s an example:
Here we can see the pop up that appears for my httpd image that is running in the ashley namespace. This popup allows me to quickly see that container has a high number of vulnerabilities, including some that are critical.
We can then further see how different containers communicate with one another, here’s a view of the shipping part of my demo application:
Here, we can see that the shipping service talks to rabbitmq as does the queue-master service. We can see the ports used and the direction of traffic – everything. Planes, trains and automobiles.
Here’s a pop up with more information that makes it even easier!
That’s what Twistlock has always provided, and please remember that all of that is automatic. The scanning, the learning, the monitoring for changes, all of it. This is (as Ted “Theodore” Logan or Bill S. Preston, Esquire would put it) “Excellent.”
What’s new in Radar v3
We’ve found customers using Radar more and more as the first stop for an overview of their estate. As that estate scales, the view could become cluttered. So, we needed to approach things slightly differently. Now, users can zoom in to see a more detailed display or zoom out to see a high level overview of their estate. In the screenshot below, you can see all my different namespaces plus containers not in namespaces all shown in the same place:
With this view, we can clearly see the components of our applications and how many are passing our security requirements along with any network communication – which would also show if you had any crossing namespaces!
First, you’ll notice that three of the namespaces are red, indicating that you should investigate further because that namespace is involved in a security incident or attack. Fortunately, a single click takes you immediately to the namespace, in my example that’s actually everything that I’ve made run outside of Kubernetes.
Clicking on the offending image takes me directly to the forensic data of the incident that has occurred:
All of this means that using our new 2.5 release you can visualise your environment and immediately find any anomalies thanks to our color coding, highlighting, and quick zoom functions!
That’s all from me for now. If you want to learn more then get a demo booked or ping me on social media. I’m always happy to chat. Our next release will roll round before you know it and then I’ll be back!
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.