Policy & Configuration Management

Achieving Compliance With Twistlock

With Twistlock, you can enforce standard configurations, container best practices, the use of trusted registries and recommended deployment templates. You will gain assurance that your containers environments, wherever they reside, remain compliant with industry or company policies.

CIS Docker Benchmarking

CIS Docker benchmark

This benchmark provides consensus-oriented security best practices for deploying Docker. Twistlock developed 80+ built-in checks to validate recommended practices from the CIS benchmark, including configuration assessment, hardening checks, and hardware validations.

Docker Application Configuration Management

Configuration management

Twistlock Container Security Suite includes an extensive list of configuration checks covering host, Docker daemon, Docker files and directories, containers, and even the underlying hardware. We also enforce standard configurations during deployment.

docker registry

Trusted registry and trusted images 

Organizations can use Twistlock to enforce “Trusted Registries” and “Trusted Images”. A trusted registry houses images scanned and approved by Twistlock or other trusted entities (e.g., Docker Trust Registry). Twistlock can enforce that only images pulled from a trusted registry are deployed onto production servers.

hardware integrity checks

Hardware integrity checks 

For environments that use Intel® Xeon® processors, Twistlock has native integrations with Intel’s Cloud Integrity Technology (CIT) to perform integrity and attestation checks for host hardware, firmware, Docker daemon or hypervisor prior to deploying containers, thereby establishing a chain of trust from the hardware to the workload to ensure the integrity of your cloud environment.

Compliance In The Container Ecosystem

Our compliance checks cover host, container, Docker daemon, Docker files & directories, image, hardware and security operation policies. Some of the examples are shown here.

Software and Application Policy Compliance

The ability to build a trusted registry with Twistlock’s Container Security Suite allowed our Ops team a simple yet elegant way to control the deployment process, while preserving DevOps efficiency and flexibility for our development teams” 

Director of IT operations, A civilian government agency

“Our company deals with regulated data and it’s vital that we can show our auditors how we comply with data protection regulations. Twistlock made it easy for us to create a set of policies that mirrors our audit requirements and ensures that our developers adhere to them as they build their images.” 

Principal engineer, A leading digital media company

” We experienced a huge amount of image drift prior to deploying Twistlock. With Twistlock, we are able to reign in configuration drift in both images and also production hosts by ensuring that only gold images are deployed and all hosts are configured in the same secure way.”

Director of Cloud Infrastructure , A large medical research center

Want to learn more?

Get datasheet

Get Twistlock Today

Sign up for a free trial