Portland, OR, USA
Jul 11, 2019   |  By Theo Despoudis
Container security is obviously a multi-layered affair. Also, many of the layers you need to secure and monitor exist outside containers themselves.The end result is the whole stack is secured, including registries and orchestrators. One critical layer consists of the host operating system and the kernel that powers it. In this article, I take a look at how to secure the container host, with a focus on kernel-level security.
Jul 9, 2019   |  By John Morello
Today, Twistlock officially becomes part of Palo Alto Networks. This is the end of an amazing chapter in many of our lives, one that would never have been possible without the support and trust of you, our customers. From the very beginning, we knew we wanted to not just build a better enterprise security product but to be a better, genuine partner to our customers.
Jul 8, 2019   |  By Twain Taylor
Your CI/CD pipeline helps you achieve fast and efficient application delivery — but it does not necessarily keep your applications secure. While CI/CD offers many advantages, the speed and lack of manual oversight associated with CI/CD processes can also create new security risks. Those risks can be managed, but only if you place security front and center within your CI/CD pipeline. Below, I explain common security oversights in CI/CD chains, and how to address them.
Jul 1, 2019   |  By Paul Fox
This technical deep dive highlights key capabilities released as part of Twistlock 19.07. To learn more about what’s included with Twistlock 19.07, check out our full release blog post. In a previous blog post, we demonstrated Twistlock security capabilities for Windows containers and hosts. The last year has continued exponential growth in the adoption of Microsoft Azure and microservices.
Jun 27, 2019   |  By Matthew Barker
As our own John Morello, Twistock CTO, so eloquently covered in his Trusted Images: Integral to Container Security blog, the use of trusted images is “one of the most critical security controls for any containerized environment”. The path to efficiently secure containerized applications is three fold.
Feb 5, 2019   |  By Twistlock
While organizations at first tended to view the cloud as a complement to their existing infrastructures, cloud-based resources and services have evolved into the default means of deploying applications. Cloud adoption rates across a range of businesses and industries have reached 96 percent, and almost 90 percent of all data center workloads run in the cloud.
Feb 5, 2019   |  By Twistlock
This is the 2nd ebook from The New Stack’s series focused on the Kubernetes ecosystem. Unlike the 1st ebook that centered on the state of the Kubernetes ecosystem, this ebook shines a light on answering the question: How well does Kubernetes work in production?
Feb 1, 2019   |  By Twistlock
Organizations moving their software assets into the cloud are discovering that when it comes to IT security, they have entered an alternate universe. It’s a place where security objectives have not changed, but the way to achieve them is completely different. Is this a safe place? How are people managing their cloud native security?
Feb 1, 2019   |  By Twistlock
As organizations look to build, deploy and manage cloud-native applications at scale, many are evaluating and choosing Kubernetes ecosystem. The New Stack provides an in-depth look at Kubernetes and the ecosystem that has emerged around this leading container orchestration tool. This ebook serves as a primer for both newcomers, assessors and implementers who are looking to make the most of the ecosystem of products and services emerging around Kubernetes.
Jan 1, 2019   |  By Twistlock
As containers gain mainstream momentum, the cloud native ecosystem is experiencing rapid growth of new technologies and projects that are spinning off and expanding from the initial core of containers. One particularly intense area of innovation is in workload deployment/management. There are many options in the cloud-native environment and the differences between these technologies are often small and nuanced.
Jun 20, 2019   |  By Twistlock
Development, operations, and security have historically been seen as separate responsibilities - with different owners, priorities, and different degrees relevance as an app was built and deployed.
Jun 17, 2019   |  By Twistlock
Twistlock supports EC2, ECR, ECS, EKS, AWS Fargate, Security Hub, and AWS Lambda. Twistlock can automatically discover all the cloud native services you’re using across all your accounts and regions and show you a global view their relative risk state.
Jun 11, 2019   |  By Twistlock
Twistlock CTO John Morello describes a metaphor for running VMs the old way VS. running VMs the new way as "Cattle VS. Pets".
Jun 4, 2019   |  By Twistlock
Twistlock CTO John Morello defines the term Cloud Native Workload Protection, and how it relates to Twistlock's foundational focus on containers.
Jun 4, 2019   |  By Twistlock
Twistlock CTO John Morello whiteboards the evolving security needs of a cloud native organization, including:
    , Underlying compute options for running cloud native applications (eg. VMs, containers, serverless), Private and/or Public clouds, potentially w/different providers, Ancillary services that you used to enable that cloud native application (eg. orchestrators, registries, ci/cd tools)