Twistlock adds automated cloud native forensics to its cybersecurity platform

Twistlock announced the release of Twistlock 2.5, the 14th release of its platform. Twistlock 2.5 provides enterprises with real time incident response and forensics capabilities designed to complement the defense in depth offered by Twistlock’s full lifecycle, full stack approach to application security.

Twistlock 2.5 introduces cloud native forensics capabilities to the Twistlock Platform. This feature provides automated forensic data collection and correlation across cloud native environments of any size with no additional resource overhead.

Twistlock maintains a spool of process and network activity on each node in your environment, and centralizes and correlates this data in the Twistlock Console only when an incident is detected.

This approach minimizes network overhead while ensuring visibility into the state of your applications prior to compromise than allowed by traditional forensic solutions.

“As more of our customers scale out their cloud native environments, they’re finding that traditional forensic solutions don’t keep up – they’re not built for microservices, and the resource load needed to effectively collect and surface data slows down the production environment,” said John Morello, CTO, Twistlock.

“With the new forensic capabilities in Twistlock 2.5, we’re providing a fully cloud native approach that captures and stores forensic data pre-attack in a lightweight, decentralized fashion that can scale with even the most complex environment – yet still surface actionable signals in real time.”

Additionally with Twistlock 2.5, customers using Amazon Web Services Fargate can now protect their containers using Twistlock’s same centralized policy creation and automated enforcement.

Unlike existing AWS Fargate security solutions that require manual configuration by application developers, Twistlock allows security teams to enforce security policy in AWS Fargate applications from the same central console used to protect the rest of the cloud native environment.

Twistlock 2.5 also marks the general availability of Twistlock’s runtime defense for serverless functions, first announced in June.

With this release, teams building applications to run in AWS Lambda or other serverless environments can now protect their functions from attack with the same automated policy deployment and centralized console used to protect the rest of their cloud native stack.

This functionality builds on Twistlock’s existing support for vulnerability management within serverless functions – ensuring that cloud native applications are protected no matter how they’re deployed.

Share this