Container Compliance

Monitor, Achieve, and Enforce Compliance for Containers and Hosts

Twistlock helps enterprises monitor, achieve, and enforce compliance for containers and cloud native environments. As the lead author of NIST’s Container Security Guide (SP 800-190) and a contributor to the CIS Benchmarks for Docker and Kubernetes, we recognize the value and necessity of container compliance across industry regimes. Enterprises use Twistlock Compliance Explorer, our compliance management system, to enforce standard configurations, security best practices, use of trusted registries and recommended deployment templates, gaining assurance that their container environments, wherever they reside, remain compliant with industry or company policies.

Built for Internal and External Compliance

Companies have to continuously ensure that they are compliant with external requirements like HIPAA, FISMA, PCI, and GDPR, while also maintaining compliance with internally-developed policies. Compliance Explorer offers out-of-the-box configurations and policy controls so you can achieve container compliance today for each of these standards, while being able to customize them for your own needs.

Automatically Leverage CIS Benchmarks

The Docker and Kubernetes CIS Benchmarks provide consensus-oriented security best practices for deploying Docker and Kubernetes. Twistlock has developed built-in checks to validate the recommended practices so that you can maintain compliance throughout the software development lifecycle.

Don’t Just Monitor - Enforce

Twistlock doesn’t just monitor compliance across your environment; it helps you actively enforce it. Centrally define granular policies that map to your specific requirements, and Twistlock can prevent non-compliant containers from ever being run and stop deployments to non-compliant hosts and environments.

Quickly View the Compliance State of Your Environment

With Compliance Explorer, Twistlock provides a single view of all policies in your environment, the current compliance state, and historical compliance data. In addition to the current compliance state, Compliance Explorer shows the last 30 days of compliance state in graphical format, and all data is easily exportable for integration with other tooling or for use in audit.

“Adding security to a container based implementation of DevOps is essential for vulnerability management, audit logging and permission management to realize economic benefit in software security.”

Jim Routh CISO, Aetna

“We are very pleased with Twistlock’s integration with CVE databases and the support of multiple technologies for vulnerability detection. This allows us to continue to grow container adoption without worrying about security.”

Ariel Moskovich DevOps Lead, AppsFlyer

“Twistlock’s container security technology is a real differentiation for Booz Allen Hamilton’s Government-facing initiatives. It facilitates our customers’ adoption of DevOps while ensuring compliance with stringent security requirements.”

Frank S. Digiacomo Director of Business Development, Booz Allen Hamilton
This guide breaks down the PCI DSS requirements section by section and provides clear instructions on how to design and operate a compliant containerized environment.
The Guide to PCI Compliance for Containers