This technical deep dive highlights key capabilities released as part of Twistlock 19.07. To learn more about what’s included with Twistlock 19.07, check out our full release blog post.
Cloud Platform Radar, released with Twistlock 19.07, expands on our cloud compliance capabilities to automatically show a graphical visualization on the world map of cloud sites as well as the number of nodes deployed there and their current protection status. It’s easy to filter the global view by cloud provider and region, workload type, and protection level. This feature builds on our existing Cloud Platform Compliance capabilities where Twistlock automatically identifies unprotected assets on AWS, Azure, and GCP—use our prior blog as a guide to enable cloud discovery and compliance and view data in a tabular format in Twistlock Console. This blog post today focuses on the visual, interactive Cloud Platform Radar new to this release.
Prerequisites: Credentials you’ll need
You’ll want to have credentials for your cloud platform in hand before you attempt to enable Cloud Platform Radar, Discovery, and Compliance. The Twistlock docs have all the information of the types of credentials you’ll need, how to generate them, and how to apply them.
Getting visual: A global map of all cloud native services
Once you have enabled Cloud Platform Discovery ( for AWS, GCP, Azure) and Compliance (for AWS) by adding credentials and checking the boxes (as shown in the screenshot above) under Defend > Compliance > Cloud Platforms, return to the Radar and choose the Cloud view.
In the Cloud Radar screenshot below, I’m showing an environment with just AWS credentials enabled. The map pins represent cloud provider regions where we discovered cloud native resources like serverless functions, Kubernetes clusters, registries, etc.
Highlighting key details
In the screenshot below, I’ve focused on a single region and can see the discovered resources and their protection status. Currently, Twistlock has not been deployed to protect any of the identified resources. By using the one-click protection shield icon to the right of the AWS Lambda resources, I’ll add my credentials and then be able to scan them continuously with Twistlock.
After initiating a scan, our newly-protected resources will be reflected in the Cloud Platform Radar, as shown in the screenshot below:
From there, you can drill down to examine the protected resources:
In the case of AWS, you can also link directly to the AWS Cloud Compliance information using the provided link:
Asset identification of AWS, Azure, and GCP resources
Once we’ve activated the credentials for Azure, GCP, and AWS, we can view all of their regions on the world map at once, as shown below. You’ll notice that we’ve used the “Undeployed sites” filter as well to ensure we’re seeing cloud regions where we could be potentially deployed, but are not currently:
Speaking of filters, there are options in the filter dropdown for everything from cloud provider and their regions, to resource type and “Protected Level” percentage. In the screenshot below, we’re looking at sites with only 0-5% of the resources protected. You can also type the filter information into the filter bar which has type-ahead support.
Additionally, there is a search bar for friendly region name in the upper right:
The new Cloud Platform Radar feature in 19.07 extends Twistlock’s visual, interactive Radar approach to cloud platform site and resource discovery to give security operations and application teams additional insight into their cloud native workloads and their Twistlock protection status. We look forward to hearing feedback from our customers on this feature and adding additional functionality or cloud providers in the future.
- Twistlock Platform
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
How to Lock Down the Kernel to Secure the Container HostRead the Blog
One Chapter Ends, Another BeginsRead the Blog
The Greatest Security Risks Lurking in Your CI/CD PipelineRead the Blog
Securing Serverless Functions: Visibility with Serverless RadarRead the Blog
Enhanced Security Capabilities for Windows Hosts and ContainersRead the Blog