CI Integration

Continuous Integration Security for Containerized Applications

Developers and DevOps teams want tools that integrate directly into their CI process so they can find and fix problems before they ever make it into production — that’s why Twistlock integrates security with all your current CI tools and workflows. Powerful CI capabilities allow developers to see vulnerability status every time they run a build, without having to run a separate tool or use a different interface. Security teams can set policies that act as quality control gates to ensure only remediated images progress down the pipeline.

Plug Security Into Your Current Toolkit

Twistlock provides native plugins for CI tools like Jenkins as well as a standalone vulnerability scanner to plug security directly into your existing build and deploy process. Set thresholds for security and compliance, including HIPAA, PCI, CIS Benchmarks, and more, right in the build. Automated and custom policies can alert or block unsafe builds to provide precise control for security teams and minimal friction to developers.

Security As Part of the Build

With Twistlock, you can create granular policies that provide you with precise control over every CI job. Use Twistlock to enforce specific requirements such as ‘in the build for my payment app, block any build impacted by a CVE with a medium or higher CVSS rating and for which a vendor fix is available’. Ensure that only images that pass your security requirements are signed and pushed to your registry.

A Centralized View of Every Build

As part of scanning each build via our Jenkins plugin or twistcli, Twistlock surfaces results in both your development tools and in Vulnerability Explorer. Track vulnerability findings for each build, in each layer, and whether the image passed or failed based on policy, all within the Twistlock UI.

Up-To-Date Intelligence for Accurate Enforcement

The Twistlock Intelligence Stream sources and aggregates vulnerability information directly from 30+ upstream projects, commercial sources, and proprietary research from Twistlock Labs. We focus on having the most precise data available covering all layers of your stack, so you have accurate visibility into not just the base layer of your images, but also the frameworks like Java, Node.js, Go, and Python that you use within them. Binary analysis helps identify vulnerabilities regardless of how you add a component to an image, and custom rules help you find vulnerabilities in your own custom-created components.

“Adding security to a container-based implementation of DevOps is essential for vulnerability management, audit logging and permission management to realize economic benefit in software security.”

Jim Routh CISO, Aetna

“We are very pleased with Twistlock’s integration with CVE databases and the support of multiple technologies for vulnerability detection. This allows us to continue to grow container adoption without worrying about security.”

Ariel Moskovich DevOps Lead, AppsFlyer

“Twistlock’s container security technology is a real differentiation for Booz Allen Hamilton’s Government-facing initiatives. It facilitates our customers’ adoption of DevOps while ensuring compliance with stringent security requirements.”

Frank S. Digiacomo Director of Business Development, Booz Allen Hamilton