New Twistlock Runtime Combats Active Threats Targeting Containerized Apps
May 13, 2016

Twistlock announced the release and immediate availability of Twistlock Runtime, a set of automated capabilities that defend against active threats targeting container environments.

This completely automated threat protection capability is designed specifically to detect and stop sophisticated runtime attacks -- including APTs and zero-day exploits -- against containerized applications.

Leveraging the immutable nature of containers, Twistlock Runtime utilizes a declarative security model to build runtime protection. It performs static and dynamic analysis of container images and derives a set of declarative "DNA" profiles for the containers. The profiles fuel both container-specific and global smart rules to protect the production environment from active threats. One example of a declarative profile is a set of whitelisted processes that should run inside a particular container, which Twistlock Runtime can build automatically from image analysis and use that to enforce the correct runtime behavior for protected environments.

"Declarative security is the only way to execute predictable and accurate runtime protection," said John Morello, CTO of Twistlock. "Twistlock Runtime represents a brand new way of approaching runtime security -- declarative, measurable and with minimal false positives. APTs and active threats invariably trip the profiles and the corresponding rules, and therefore can be detected by us. As more and more critical applications move to the container environment, Twistlock Runtime gives organizations a proactive defense layer that allows them to get ahead of the threat curve, while enabling the adoption of container technologies."

With Twistlock Runtime, system administrators, security and operations teams can declaratively stipulate security policies applied to hosts, container engines, containers and applications, while having the confidence that these policies are carried out in the production environment with minimal required manual overhead.

Twistlock Runtime offers many runtime defense features and benefits, including:

- Container DNA profiles: A feature that automatically builds runtime "DNA" profiles for each container based on static and dynamic analysis of the container image, and serves as the baseline for runtime anomaly and threat detection.

- Automated smart rules: The smart rules are derived from the profiles directly to enforce policies and desired behavior in runtime. They also respond to changing threats and environments, leading to adaptive and targeted protection.

- Enhanced commercial and proprietary threat intelligence: This includes leading commercial threat feeds as well as Twistlock's own threat research and is added on top of open source threat and vulnerability feeds that already power Twistlock's products.

- Dev-to-production security mechanism: The industry's first known approach -- which takes static analysis knowledge of container images and from that, directly derives runtime protection rules, as opposed to traditional security measures that involve disparate code analysis and runtime protection.

- Low management overhead: Twistlock Runtime doesn't require admins or Ops teams to manually administer defense mechanisms, tune policies, or play catch-up to the latest threats.

"Twistlock has once again carved a new path for developers innovating in container environments," said Ben Bernstein, CEO of Twistlock. "The launch of Twistlock Runtime, which follows the General Availability release of the Twistlock Container Security Suite and the free Developer Version, represents the next step in creating a comprehensive multi-layer security environment for containers, giving organizations the peace of mind they need to safely innovate in this space."

Twistlock's Container Security Suite, which was announced and released in November, is the only dev-to-protection security product available on the market today. Twistlock Runtime is a component within the Container Security Suite. Existing Twistlock customers can enable Twistlock Runtime as part of the product refresh. Twistlock's technology has been adopted by organizations across many industry verticals, including financial services, healthcare, media, hospitality, consumer technology services and government agencies. Many of these customers have deployed Twistlock in both development and mission-critical production environments, leveraging the solution to protect live services and valuable customer data.

Share this

Industry News

December 07, 2023

Check Point® Software Technologies Ltd. announced its position as a leading vendor in GigaOm’s inaugural Radar for Cloud Network Security.

December 07, 2023

Sindri, a zero-knowledge proof infrastructure platform, announces the closure of a $5M seed financing round.

December 06, 2023

ngrok unveiled its JavaScript and Python SDKs, enabling developers to programmatically serve their applications and manage traffic by embedding ingress with a single line of code.

December 06, 2023

Data Theorem introduced API Attack Path Visualization capabilities for the protection of APIs and the software supply chain.

December 05, 2023

Security Journey announced support for WCAG, SCIM and continued compliance with SOC2 Type 2, which are leading industry standards.

December 05, 2023

Vercel announced a new suite of features for its Developer Experience (DX) Platform, made for enterprise teams with large codebases.

December 04, 2023

Atlassian Corporation has completed the acquisition of Loom, a video messaging platform that helps users communicate through instantly shareable videos.

December 04, 2023

Orca Security announced that the Orca Cloud Security Platform has achieved the Amazon Web Services (AWS) Built-in Competency.

November 30, 2023

Parasoft, a global leader in automated software testing solutions, today announced complete support for MISRA C++ 2023 with the upcoming release of Parasoft C/C++test 2023.2.

November 30, 2023 achieved the Amazon Elastic Kubernetes Service (Amazon EKS) Ready designation from Amazon Web Services (AWS).

November 29, 2023

CircleCI implemented a gen2 GPU resource class, leveraging Amazon Elastic Compute Cloud (Amazon EC2) G5 instances, offering the latest generation of NVIDIA GPUs and new images tailored for artificial intelligence/machine learning (AI/ML) workflows.

November 29, 2023

XM Cyber announced new capabilities that provide complete and continuous visibility into risks and vulnerabilities in Kubernetes environments.

November 29, 2023

PerfectScale has achieved the Amazon Elastic Kubernetes Service (Amazon EKS) Ready designation from Amazon Web Services (AWS).

November 28, 2023

BMC announced two new product innovations, BMC AMI DevX Code Insights and BMC AMI zAdviser Enterprise.

November 28, 2023

Rafay Systems announced the availability of the Rafay Cloud Automation Platform — the evolution of its Kubernetes Operations Platform — to enable platform teams to deliver automation and self-service capabilities to developers, data scientists and other cloud users.