We’ve been proud to have partnered with Google many times over the years, including the launches of Google Container Registry and Google Cloud Security Command Center. Today I’m happy to announce our integration with Google’s Binary Authorization technology for Google Kubernetes Engine (GKE). Binary Authorization solves a core challenge for customers – how can I ensure that only safe, authorized images are allowed to run in my cluster?
While Twistlock has long supported this capability natively (and will continue to do so), with this integration with Google’s Binary Authorization for GKE, we’re providing an additional way to enforce these policies at the GKE layer, using admission controllers. In this architecture, Twistlock is providing the image analysis and the policy engine to express and enforce what’s safe and what’s not and then only signing attestations of allowed images. GKE then uses these attestations to determine what it allows to run, providing a secure by default posture that automatically rejects any unknown or vulnerable images. The end result is a solution for the entire software supply chain, in which Twistlock provides a consistent security policy throughout the entire lifecycle of your apps that GKE can now enforce at deployment time.
Here’s a screencast that shows the entire flow end to end:
Whether you’re using Google’s Binary Authorization for GKE, or any other implementation of Kritis, Twistlock’s image analysis and policy engine seamlessly integrate with the rest of your software supply chain to ensure you only ship quality software.
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
What Integrated Security Really Means — and Why It MattersRead the Blog
A DevOps Approach to Compliance: What It Really Takes to Build Compliant AppsRead the Blog
CISOs: 5 Essential Features in a Cloud Native Security PlatformRead the Blog
Making CI/CD Fast and SecureRead the Blog
Leveraging Webhooks for Security Alerts with TwistlockRead the Blog