IBM Cloud Security

Security for Cloud Native Applications on IBM Cloud

Enterprises using IBM Cloud to build, manage, and run their containers also leverage Twistlock to provide complete security of their environments. Twistlock ensures that images and containers are free of vulnerabilities and compliance policies are implemented, while runtime protection and cloud native firewalls secure your environment and networks from active threats. IBM Cloud is an official member of the Twistlock Advantage Partner (TAP) Program.

Vulnerability Prevention from Development to Runtime

Twistlock detects vulnerabilities in your images throughout their lifecycle, from the beginning of the CI process, to your registries, to all your production deployments on IBM Cloud Kubernetes Service (IKS). By integrating with IBM Container Registry (ICR) and any CI tools your teams are using, Twistlock provides immediate vulnerability status and enforcement as your developers build and ship images.

Compliance Across the Application Lifecycle

With compliance rules covering over 300 security best practices and pre-built policy templates for specific regulations like HIPAA, PCI, GDPR, and NIST SP 800-190, Twistlock can automatically enforce compliance policies across the build to runtime. Twistlock is the only platform that continuously monitors your hosts, images, and containers for compliance.

Risk Prioritization Tailored to Your Environment

Twistlock ranks vulnerabilities and compliance issues by leveraging our proprietary risk score, a combination of CVSS score and metrics about your specific environment, so you can measure and prioritize remediation of top risks. The Twistlock Intelligence Stream ensures the most precise, layer-aware, vulnerability analysis with zero false positives.

Runtime Security for IKS

From network and application firewalls, to runtime defense, to host protection, Twistlock is the only security tool you need to defend your applications running on IKS against vulnerabilities and security threats. Twistlock deploys natively on IKS to automatically provide automatically-created explicit allow list protection for every pod along with microservices-aware layer 3 and layer 7 firewalls.

Integrated with IBM Security Advisor

Twistlock integrates with IBM Security Advisor to provide you with cloud native data and alerts in one centralized dashboard. Aggregate vulnerability and compliance metrics with runtime security intelligence across environments to continuously monitor your cloud native applications on IBM Cloud.

“The rapid rise of cloud native applications is pushing enterprises to take a hard look at how security is integrated into application development and delivery at every level. The integration of Twistlock’s services into IBM Cloud Security Advisor gives IBM Cloud customers additional security and compliance capabilities so they can innovate with confidence.”

Dr. Nataraj Nagaratnam Distinguished Engineer and CTO for Cloud Security, IBM
Kubernetes Deployment & Security Patterns
Shine a light on answering the question: How well does Kubernetes work in production? Get data research and findings about Kubernetes deployment and security practices.