New Twistlock Runtime Combats Active Threats Targeting Containerized Apps
May 13, 2016

Twistlock announced the release and immediate availability of Twistlock Runtime, a set of automated capabilities that defend against active threats targeting container environments.

This completely automated threat protection capability is designed specifically to detect and stop sophisticated runtime attacks -- including APTs and zero-day exploits -- against containerized applications.

Leveraging the immutable nature of containers, Twistlock Runtime utilizes a declarative security model to build runtime protection. It performs static and dynamic analysis of container images and derives a set of declarative "DNA" profiles for the containers. The profiles fuel both container-specific and global smart rules to protect the production environment from active threats. One example of a declarative profile is a set of whitelisted processes that should run inside a particular container, which Twistlock Runtime can build automatically from image analysis and use that to enforce the correct runtime behavior for protected environments.

"Declarative security is the only way to execute predictable and accurate runtime protection," said John Morello, CTO of Twistlock. "Twistlock Runtime represents a brand new way of approaching runtime security -- declarative, measurable and with minimal false positives. APTs and active threats invariably trip the profiles and the corresponding rules, and therefore can be detected by us. As more and more critical applications move to the container environment, Twistlock Runtime gives organizations a proactive defense layer that allows them to get ahead of the threat curve, while enabling the adoption of container technologies."

With Twistlock Runtime, system administrators, security and operations teams can declaratively stipulate security policies applied to hosts, container engines, containers and applications, while having the confidence that these policies are carried out in the production environment with minimal required manual overhead.

Twistlock Runtime offers many runtime defense features and benefits, including:

- Container DNA profiles: A feature that automatically builds runtime "DNA" profiles for each container based on static and dynamic analysis of the container image, and serves as the baseline for runtime anomaly and threat detection.

- Automated smart rules: The smart rules are derived from the profiles directly to enforce policies and desired behavior in runtime. They also respond to changing threats and environments, leading to adaptive and targeted protection.

- Enhanced commercial and proprietary threat intelligence: This includes leading commercial threat feeds as well as Twistlock's own threat research and is added on top of open source threat and vulnerability feeds that already power Twistlock's products.

- Dev-to-production security mechanism: The industry's first known approach -- which takes static analysis knowledge of container images and from that, directly derives runtime protection rules, as opposed to traditional security measures that involve disparate code analysis and runtime protection.

- Low management overhead: Twistlock Runtime doesn't require admins or Ops teams to manually administer defense mechanisms, tune policies, or play catch-up to the latest threats.

"Twistlock has once again carved a new path for developers innovating in container environments," said Ben Bernstein, CEO of Twistlock. "The launch of Twistlock Runtime, which follows the General Availability release of the Twistlock Container Security Suite and the free Developer Version, represents the next step in creating a comprehensive multi-layer security environment for containers, giving organizations the peace of mind they need to safely innovate in this space."

Twistlock's Container Security Suite, which was announced and released in November, is the only dev-to-protection security product available on the market today. Twistlock Runtime is a component within the Container Security Suite. Existing Twistlock customers can enable Twistlock Runtime as part of the product refresh. Twistlock's technology has been adopted by organizations across many industry verticals, including financial services, healthcare, media, hospitality, consumer technology services and government agencies. Many of these customers have deployed Twistlock in both development and mission-critical production environments, leveraging the solution to protect live services and valuable customer data.

Share this

Industry News

May 02, 2024

Parasoft announces the opening of its new office in Northeast Ohio.

May 02, 2024

Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.

May 02, 2024

Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.

May 02, 2024

Nokod Security announced the general availability of the Nokod Security Platform.

May 02, 2024

Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.

May 01, 2024

Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.

May 01, 2024

Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.

May 01, 2024

ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.

May 01, 2024

Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.

May 01, 2024

Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.

April 30, 2024

Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.

April 30, 2024

Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.

April 30, 2024

F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.

April 29, 2024

Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.

April 29, 2024

WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.