How we are different

Discover and Protect Services Across Hybrid Cloud Environments: As providers continue to add new cloud native services, it becomes increasingly difficult for customers to ensure the apps running on them are protected. 18.11 introduced Cloud Platform Compliance, which allows customers to centrally discover all cloud native services in use across AWS, Microsoft Azure, and Google Cloud Platform (GCP), across all accounts, and in every region. Cloud Platform Compliance continuously monitors these accounts to detect when rogue services are added, and alerts end users to avoid risks introduced by rogue deployments, abandoned environments, and environments not being protected by Twistlock.
Compliance and Security Configuration Checks for Istio Service Mesh: Istio is one of the most interesting new technologies in this space because it helps simplify many formerly difficult aspects of running microservices. Notably, Istio provides load balancing, fine grained traffic routing, TLS everywhere, and service centric RBAC. What Istio doesn’t provide natively, though, is a simple way to visualize and understand interconnectivity between services. In 18.11, Twistlock integrates with Istio to discover this service mesh and uses this data to enrich the radar with details about protocols and service roles used with Istio.
Kubernetes Service Account Monitoring and Visualization: Twistlock 18.11 includes a first of-its-kind discovery and monitoring tool for Kubernetes service accounts. Integrated into the Radar dashboard, every service account associated with every resource in a cluster can be easily viewed, so that security staff can easily understand role configuration, assess the level of access provided to each service account, and mitigate risks associated with overly broad permissions. For each account, Twistlock shows detailed metadata describing the resources it has access to and the level of access it has to each of them.