Container Compliance

Monitor, Achieve, and Enforce Compliance for Containers and Hosts

Twistlock helps enterprises monitor and enforce compliance for hosts, containers and serverless environments. As the lead author of NIST SP 800-190, the Application Container Security Guide, and a contributor to the CIS Benchmarks, we recognize the value and necessity of container and host compliance across industry regimes. Enterprises use Twistlock Compliance Explorer, our compliance management system, to enforce standard configurations, security best practices, use of trusted registries and recommended deployment templates, gaining assurance that their cloud native environments, wherever they run, remain compliant with industry and company policies.

Built for Internal and External Compliance

Enterprises and government organizations have to continuously ensure that they are compliant with external requirements like HIPAA, FISMA, PCI, and GDPR, while also maintaining compliance with internally-developed policies. Twistlock offers over 400 out-of-the-box configurations and policy controls so you can achieve compliance today for each of these standards, while being able to customize them for your own needs.

Officially Certified for Four CIS Benchmarks

Twistlock is officially certified to implement the AWS, Docker, Kubernetes, and Linux CIS Benchmarks to provide audit professionals with consensus-oriented security best practices at their organizations. Configure over 400 built-in checks based on your needs and create your own custom checks with simple Bash and PowerShell scripts.

Automatically Discover Cloud Native Assets Across Public Clouds

As developers and DevOps teams spin up new cloud resources, security teams can be left in the dark, unable to identify unprotected repositories, managed Kubernetes clusters, or serverless applications. With Twistlock, security and compliance leaders can automatically view and be alerted on any previously unknown entities and seamlessly secure them.

Manage Image Trust

Twistlock automatically learns all the registries and repositories you rely on for running your apps and enables you to ensure images can only be deployed from these trusted sources. Easily add explicitly allowed or denied rules for registries and repos and re-learn the trusted set of sources anytime with a single click or API call.

Quickly View Your Compliance State in Real Time

With Compliance Explorer, Twistlock provides a single view of all policies in your environment, the current compliance state, and historical compliance data. In addition to the current state, Compliance Explorer shows the last 30 days of data in graphical format—with all data easily exportable to send to any tools of your choosing.

“Adding security to a container based implementation of DevOps is essential for vulnerability management, audit logging and permission management to realize economic benefit in software security.”

Jim Routh, CISO, Aetna

“We are very pleased with Twistlock’s integration with CVE databases and the support of multiple technologies for vulnerability detection. This allows us to continue to grow container adoption without worrying about security.”

Ariel Moskovich, DevOps Lead, AppsFlyer

“Twistlock’s container security technology is a real differentiation for Booz Allen Hamilton’s Government-facing initiatives. It facilitates our customers’ adoption of DevOps while ensuring compliance with stringent security requirements.”

Frank S. Digiacomo, Director of Business Development, Booz Allen Hamilton

The Guide to PCI Compliance for Containers

This guide breaks down the PCI DSS requirements section by section and provides clear instructions on how to design and operate a compliant containerized environment.