Full Stack Vulnerability Management

Manage vulnerabilities across the container lifecycle

Twistlock scans container images in registries, on dev workstations, or on production servers. We detect and report vulnerabilities in the Linux distribution layer, app frameworks, and even your customer app packages. The scanning tasks are seamlessly integrated with CI pipelines and existing dev processes. We can also take remediation actions based on vulnerability information in runtime.

Full stack visibility

Full stack visibility

Twistlock’s solution can detect vulnerabilities within the Linux distribution layer (e.g., Debian, Alpine LInux, Fedora), libraries, Gems, app frameworks (Node.js, Python, Java), and even your custom application packages. We decompose a container image down to the individual layers and identify vulnerabilities exist within each layer with fingerprinting and custom identification technologies.

Real-time vulnerability intelligence

Real-time vulnerability intelligence

Twistlock’s intelligence service sources and aggregates vulnerability information directly from upstream projects, such as ubuntu, redhat, debian, etc., commercial and proprietary sources including our own labs. The vulnerability information is sent in real time to the Twistlock Console, which is the central brain for vulnerability management.

End to end lifecycle coverage

End to end lifecycle coverage

We analyze images stored in a registry, on a developer’s workstation, and all the way to containers being launched on a production host. Our centralized intelligence allows us to leverage information gathered in dev time and utilize in runtime for optimized differential scanning as well as the ability to spot vulnerabilities without rescanning known components.


Extensively API driven

The Twistlock product supports an extensive set of APIs for developers to access almost all of our core functions, supporting limitless automation possibilities. Key use cases include auto-scaling, rule creation, access management, enterprise ticket integration, customerized reporting, and forensics information gathering.


Seamless CI integration 

Twistlock uses a set of automatic profiling policies to detect anomalies in runtime. These policies are derived from system call profiling, malicious behavior fingerprinting, user access analysis, and intelligence from image scanning during development. These policies require no or little intervention from sysadmins and are a powerful tool to detect active threats and compromises


Actionable vulnerability reporting

We report which libraries, packages, frameworks contained a specific vulnerability, point to the CVE source, and when applicable, detail the steps for remediation. Our reporting can be specific to a container or in aggregate – i.e., how many containers (and where) are running a vulnerable version of a library at this point in time.

Vulnerability management at a glance

Vulnerability Management Infographic


Twistlock’s integration with CVE databases is particularly valuable in helping us easily find and fix vulnerabilities. With Twistlock, we can continue to protect our customers even as we adopt new technologies like containers“.

Gregory Man

Manager, Systems group, Wix

Want to learn more?

Get datasheet

Get Twistlock Today

Sign up for a free trial