Twistlock Releases Twistlock 2.2 with Incident Explorer to Arm Enterprises with More Actionable Intelligence to Thwart Attacks

SAN FRANCISCO, Sept. 21, 2017 /PRNewswire/-- Twistlock, the leading provider of container and cloud-native security solutions, today announced the availability of Twistlock 2.2. The latest release of Twistlock focuses on advanced threat analytics and prevention and includes several machine learning driven layers such as a Cloud Native Network Firewall and Incident Explorer. In addition, the release provides runtime defense down to the host OS and delivers comprehensive compliance monitoring and enforcement for Kubernetes.

Twistlock Incident Explorer applies machine learning to identify attack patterns in an organization's container environment and display security incidents in a clear, actionable format. Rather than requiring users to manually sift through data and correlate multiple actions from multiple sensors, Incident Explorer automatically builds a chain of events to give full visibility into an attack by highlighting key indicators ? enabling more rapid and effective incident response.

"Twistlock 2.2 broadens our application of machine learning into new spaces, like automatically building a full layer 3 firewall mesh for all your containerized apps and identifying sophisticated, multi-vector attack patterns against them," said John Morello, Twistlock Chief Technology Officer. "Using Twistlock, organizations have a centralized, comprehensive cybersecurity platform for protecting containers and cloud native apps against real world attackers and APTs."

Incident Explorer
Incident Explorer is a new stand-out feature designed to apply machine intelligence to the correlation and analysis of events that span multiple actions and sensors. In the case of a compromised containerized app, Incident Explorer automatically identifies and correlates multiple chains of events automatically, highlighting key indicators from both our behavioral and threat based sensors. When an attack occurs, rather than manually sifting through individual event and sensor data, an organization can be alerted to and view attack patterns in a clear, digestible format and, ultimately, respond to incidents much more quickly and effectively.

Cloud Native Network Firewall
Cloud Native Network Firewall applies Twistlock's machine learning to model inter-container network behaviors at layer 3, understanding sources, destination, ports, and flows in a container centric way - between containers, pods, and services, rather than focusing on raw IPs. This enables Twistlock to automatically build layer 3 firewalls for every part of every app, without requiring any manual configuration or supervised learning. CNNF works across all orchestration platforms and enables organization to compartmentalize traffic per app without any changes to the images, containers, or orchestrators, and works on any cloud.

Additional new capabilities and features available in Twistlock 2.2 include:

    --  Runtime defense for container hosts: In 2.2, our promise is simple:
        Twistlock is the only security platform you need on a host running
        containers. We've long provided threat based runtime defense (IP
        reputation and malware) for your host OS, but in 2.2, we're delivering
        the same predictive model driven runtime defense as well. Obviously, a
        host is different than a container and is far more likely to change over
        time as it's updated and upgraded. Thus, we've tuned the ML algorithms
        we use for building models to create models that are optimized for host
        scenarios but provide the same automatic protection and explicit allow
        list approach to runtime security.
    --  Native deployment on Swarm: In 2.0 and 2.1, Twistlock delivered a native
        experience for deploying and running Twistlock as pods and Daemon Sets
        on Kubernetes. In 2.2, Twistlock has added similar capabilities for
        Docker Swarm. If an organization is running Swarm as their orchestrator,
        they can now run Console as a service ? relying on Swarm for providing
        built in high availability ? and Defender as a global service. Whether 5
        nodes or 500 nodes in a Swarm cluster, each can be protected with
        Twistlock in just a few clicks, in a couple of minutes.
    --  Slack and JIRA push alerts: One of Twistlock's guiding principles is to
        ensure data is open and accessible, which more practically has meant
        supporting a diverse set of integrations for alerting and monitoring. In
        previous releases, integration with Slack and JIRA has been available
        via email. In 2.2, Twistlock takes this a step further, providing native
        Slack and JIRA integration in the box. This integration also includes
        centralized and simplified alert profiles, giving users control and
        granularity to define different providers and targets per rule, but with
        the ability to assign all of these from a central alert configuration
        page.
    --  Compliance monitoring and enforcement for Kubernetes: Twistlock is proud
        to have contributed to the Kubernetes CIS Benchmark, which builds on the
        company's many other compliance focused contributions in the community,
        like NIST SP 800-190 and guides for PCI and HIPAA in containerized
        environments. In 2.2, Twistlock has added support for all 106 settings
        in the Kubernetes benchmark. Not only can organizations assess their
        compliance with these recommendations, but also actively enforce them.
        Even more valuably, the Twistlock Labs research team has analyzed each
        of the sections in the Kubernetes CIS Benchmark and scored them based on
        criticality, so organizations have a clear set of guidelines to enforce
        adherence to the controls that are most important to their company.

To learn more about Twistlock 2.2, please visit our website.

Additional Resources:

    --  Check out the Twistlock blog
    --  Follow us on Twitter
    --  Follow us on LinkedIn

About Twistlock
Twistlock is the leading provider of container and cloud native cybersecurity solutions for modern applications. From precise, actionable vulnerability management to automatically deployed runtime protection and firewalls, Twistlock protects applications across the development lifecycle and into production. Purpose built for containers, serverless, and other leading technologies - Twistlock gives developers the speed they want, and CISOs the controls they need. Twistlock's mission is to provide a full, enterprise-grade security stack for containers, so organizations can confidently adopt and maximize the benefits of containers in their production environment. For more information, please visit www.twistlock.com.

Twistlock Contacts
Jeannie Christensen
415.341.6713
jeannie@twistlock.com

Media Relations
Rachel Nelson
415-299-6600
twistlock@inkhouse.com

View original content with multimedia:http://www.prnewswire.com/news-releases/twistlock-releases-twistlock-22-with-incident-explorer-to-arm-enterprises-with-more-actionable-intelligence-to-thwart-attacks-300523527.html

SOURCE Twistlock