On the heels of a recent funding round, Twistlock launched version 2.1 of its container security platform with a new Cloud Native App Firewall feature that further fortifies container applications.
In some ways, Cloud Native App Firewall (CNAF) is a natural extension of Twistlock's technology. "Because Twistlock is running on every node in your cluster and because we deeply understand your apps through our machine learning models, we can combine these capabilities to do application layer firewalling in a new way," explained Twistlock CTO, John Morello.
"We call this our Cloud Native App Firewall, and it's designed specifically to leverage our proximity to the app and our knowledge of how it should behave to dynamically create application layer filters that automatically protect your apps regardless of where they happen to be running," continued Morello. "CNAF dynamically routes traffic sent to your app through our filtering engine and ensures only safe, clean traffic ever makes it to the app."
This level of protection is impractical, if not outright impossible to achieve with traditional security tools, added the Twistlock executive. Part of the reason Cloud Native App Firewall is so effective is that it customizes itself to each customer's unique container application environment and the intricacies therein.
"Every individual microservice and component can be protected in an application-tailored way because we understand not just the traffic but the actual app itself," Morello said. "We can operate more efficiently and scale to greater demand because we closely align the protection characteristics to each specific app; our app knowledge allows us to create policies that are highly optimized for each specific component based on the machine learning driven model we begin building all the way back in the CI [Continuous Integration] process."
What's more, implementing Cloud Native App Firewall is a low-maintenance affair. The technology requires no alterations to container setup images, Kubernetes configurations and other components, assured Morello.
Visit this blog post authored by Morello for an in-depth look at Twistlock's Cloud Native App Firewall technology.
Also new in Twistlock 2.1 is a Vulnerability Explorer tool that ranks the potential security risks affecting a particular container environment, allowing administrators to target and address critical risks. The updated security platform also features compliance alerting and enforcement in Jenkins, secret management platform integration (HashiCorp, CyberArk and more) and new vulnerability push alerting.