Amazon ECS Security

End-to-End Security for Amazon ECS

Enterprises that use Amazon ECR, ECS, Fargate, and EKS trust Twistlock to provide vulnerability prevention, compliance enforcement, container-aware firewalling, and powerful runtime protection to secure their cloud native applications on AWS.

Implement CIS Benchmarks

With over 200 built-in checks covering every recommendation in the Docker and Kubernetes CIS Benchmarks, Twistlock automatically enforces compliance policies across the container lifecycle. Twistlock provides built-in templates for compliance regimes like PCI, HIPAA, GDPR, and NIST SP 800-190 that you can easily implement across hosts, orchestrators, containers, and images in AWS.

Vulnerability Prevention from Development to Runtime

Twistlock detects vulnerabilities in your images throughout their lifecycle, from the beginning of the CI process, to registries, to all your production deployments, whether using ECS, EKS, Fargate, or your own self-managed environment in EC2. Create granular policies to prevent vulnerable images from being deployed per task or per region and rely on Twistlock IAM role integration to securely and seamlessly connect to ECR repositories. Integrate Twistlock’s vulnerability and compliance enforcement directly into your CodePipeline jobs.

Advanced Threat Intelligence

In addition to the more than 30 other upstream vulnerability and threat sources, the Twistlock Intelligence Stream also includes full coverage for Amazon Linux. Twistlock detects and prevents vulnerabilities when Amazon Linux is used as either a host OS or container image base layer. So, regardless of what OS you choose for your hosts and images, Twistlock is ready to protect you.

Cloud Native Firewalling Ready for AWS

Automatically-deployed layer-3 and layer-7 firewalls work with your VPCs and security groups to provide additional layers of defense in depth for your containerized apps.

Runtime Security for ECS

From network and application firewalls, to container runtime defense, to host protection — Twistlock is the only security tool you need to defend your ECS environment against vulnerabilities and active threats. Because Twistlock supports Amazon Linux, IAM roles, ECS, Fargate, and EKS, you can use AWS container services fearlessly, knowing your security platform is ready to protect you across all of them.

“Twistlock can help AWS customers secure their container workloads, including containerized applications that run on Amazon EC2 Container Service and container images that are stored in EC2 Container Registry.”

Brandon Chavis, Solutions Architect, AWS
The Guide to Modernizing Traditional Security
Discover the benefits in vulnerability management, compliance, and runtime security improvements when migrating traditional applications to containers.