Container security vendor Twistlock is updating its namesake platform with a 2.0 release that aims to improve container visibility and security.
Twistlock unveiled its container security platform in November 2015, providing runtime security options for container deployments. The platform has evolved since then with a steady stream of updates. The new Twistlock 2.0 update includes several enhanced container security capabilities as well as a new back-end code infrastructure.
Prior to the 2.0 update, Twistlock used the open-source node.js JavaScript framework as the back-end coding technology, according to John Morello, CTO of Twistlock. As the scale and demands of Twistlock’s customer base grew, there were some scaling limitations with node.js. To expand the scalability of Twistlock, the company ported the Twistlock 2.0 back end to the open-source Go programming language.
Since Twistlock is deployed as a container, users won’t notice the shift to the Go back end from a usability perspective, but they will notice a difference with performance, Morello said. He added that the new Go-based Twistlock 2.0 back end has reduced memory consumption and better responsiveness overall.
With Twistlock 2.0, the company is adding its new Runtime Radar 2.0 capability, providing improved container interaction visibility. Morello explained that in prior releases of Runtime Radar, the feature showed administrators all of the containers running in an environment and how those containers connect to different services.
“In the past, we just showed a static view that was just about connectivity,” Morello told eWEEK. “In Runtime Radar 2.0 we now overlay a rich set of data about what is going on in an environment.”
So instead of simply identifying that one container image connects to another over a specific network port, Runtime Radar 2.0 will now provide contextual information about the given images. That information can include the vulnerability and compliance status for a container image, in an effort to provide an accurate representation of risk.
In previous releases of Twistlock, the Runtime Radar had relatively limited enforcement capabilities, Morello said.
“What we’re doing in Runtime Radar 2.0 is we learn all the connectivity patterns and we learn them in the context of whatever orchestration tool you are using,” he said.