US Security business Twistlock claims to be the first business to provide an end-to-end enterprise security solution for containers with its Twistlock Suite. The open-source solution protects containers throughout the application development lifecycle by ensuring that they are compliant with security policies at every stage, from early development through deployment.
The new vulnerability analysis component detects the existence of CVE (Common Vulnerabilities and Exposures) in Docker images using a combination of CVE feeds from major vendors, government and open-source providers. The component supports the analysis of native Linux binaries, including executables and linked libraries, Java Archives (JARs), Python packages, and Ruby gems within the Docker image.
Additionally Suite includes the ability to scan on-the-fly Docker images and libraries and packages that are in use hence reducing the false positives rate and allowing customers to prioritise security risks. The solution also includes support for on premises Docker registry scanning.
"We are especially excited about the integration of comprehensive image analysis within our product offering," said Ben Bernstein, CEO. "Twistlock's ability to integrate this capability into our container security suite helps our customers keep their containers secure as threats continue to evolve and increase and we're proud to be the first company to bring this capability to market."
Twistlock integrates with all popular cloud based Docker providers, including Amazon, Azure, Google Container Engine and RackSpace. The business which launched its first product this May, is working with the virtual container leaders, Docker, and the broader ecosystem, including major operating system providers (e.g. Microsoft, Redhat), virtual data center providers (e.g. VMware, Microsoft), and cloud service providers (e.g. Google, Amazon Web Services, Microsoft Azure, and Rackspace), to improve the overall security of containers through the efforts of the open source community.