HyTrust and Twistlock both unveiled updates to their cloud security platforms, which include greater control over workloads running in virtual machines (VMs), containers, and public cloud deployments.
For HyTrust, the update involves the launch of its CloudControl for Container edition, which runs on top of its broader – and also updated – CloudControl platform. The container edition updates are focused on control over the integrity of the image used to construct a container. This is handled by software analysis that determines who is allowed to deploy which image, and where.
There is also a runtime monitoring aspect that scans containers in a production environment for any policy violations. And a new configuration hardening process looks at the entire stack from the underlying infrastructure to a Kubernetes cluster.
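As an added illustration of the "who may deploy which image, and where" control described above (this is a constructed example, not HyTrust's code), the following Python evaluates a deployment request against a hypothetical policy table: the users, environments and registry names are assumptions, and the policy also requires digest pinning in production, since a tag can be re-pointed at different content while a digest cannot.

```python
"""Image deployment policy check: who may deploy which image, and where.

Added, constructed example of the kind of control described above; it is
not HyTrust's code. The policy table, users, environments and registry
names are all hypothetical.
"""
import re

# Hypothetical policy: which users may deploy into which environment, which
# registries each environment may pull from, and where digest pinning is
# mandatory (a tag can be re-pointed at new content; a digest cannot).
POLICY = {
    "deployers": {"alice": {"prod", "staging"}, "bob": {"staging"}},
    "allowed_registries": {
        "prod": {"registry.example.internal"},
        "staging": {"registry.example.internal", "docker.io"},
    },
    "require_digest": {"prod": True, "staging": False},
}

# registry/repo[:tag][@sha256:digest]; the registry must be given explicitly.
IMAGE_RE = re.compile(
    r"^(?P<registry>[^/]+)/(?P<repo>[^@:]+)"
    r"(?::(?P<tag>[^@]+))?"
    r"(?:@(?P<digest>sha256:[0-9a-f]{64}))?$"
)


def parse_image(ref):
    """Split an image reference into registry, repo, tag and digest."""
    m = IMAGE_RE.match(ref)
    # A bare name like "nginx:latest" resolves to a default registry, which
    # the policy cannot reason about, so require a dotted or port-bearing host.
    if not m or not re.search(r"[.:]", m.group("registry")):
        raise ValueError(f"image reference must name its registry: {ref}")
    return m.groupdict()


def check_deploy(user, image, env, policy=POLICY):
    """Return (allowed, reasons); reasons lists every rule the request breaks."""
    reasons = []
    if env not in policy["deployers"].get(user, set()):
        reasons.append(f"{user} may not deploy to {env}")
    try:
        parts = parse_image(image)
    except ValueError as exc:
        return False, reasons + [str(exc)]
    if parts["registry"] not in policy["allowed_registries"].get(env, set()):
        reasons.append(f"registry {parts['registry']} is not allowed in {env}")
    if policy["require_digest"].get(env) and not parts["digest"]:
        reasons.append(f"{env} requires a digest-pinned image, got tag "
                       f"{parts['tag'] or 'latest'}")
    return not reasons, reasons


if __name__ == "__main__":
    pinned = "registry.example.internal/app/api@sha256:" + "a" * 64
    for req in [("alice", pinned, "prod"),
                ("alice", "registry.example.internal/app/api:1.4", "prod"),
                ("bob", pinned, "prod"),
                ("bob", "docker.io/library/nginx:1.25", "staging"),
                ("alice", "nginx:latest", "staging")]:
        print(req, check_deploy(*req))
```

The check returns every violated rule rather than stopping at the first, which is what an admission decision needs to log for an audit trail. Digest pinning fixes what content will run; it does not by itself say who built it, so a production policy would normally add signature or attestation verification on top of this.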
“We can look at a Kubernetes cluster running on a virtual machine and look at the configuration of both to make sure they are hardened,” explained Fred Kost, senior vice president of marketing at HyTrust.
Dealing with containers in a production environment can be tricky. Analysts have warned against tampering with running containers, since changes made in place can disrupt the application they support. Instead, they recommend that organizations keep their hands off containers in production.
The HyTrust container update also adds to the company’s focus on workload security. This includes workloads across VMs, containers, or microservices.
“Containers are really just an abstraction or different destination for that data,” Kost said. “A lot of what’s being done is not revolutionary in security, and these are things that we have been doing in other environments.”
The broader CloudControl updates are focused on adding compliance controls for companies using Amazon Web Services (AWS) as their public cloud. This includes protection against accidental exposure or tampering of AWS Simple Storage Service (S3) buckets. An S3 bucket is the container in which objects, the stored data and its metadata, are kept.
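The accidental-exposure problem mentioned above comes down to a bucket policy or ACL that grants access to everyone. The following added Python example (constructed for this page, not HyTrust's code) evaluates a bucket policy and ACL of the shape the S3 GetBucketPolicy and GetBucketAcl APIs return and reports whether the bucket is world-readable (exposure) or world-writable (tampering); it makes no AWS calls, and the bucket name, role ARN and account ID are hypothetical.

```python
"""Offline check for S3 buckets that are readable or writable by everyone.

Added example, not HyTrust's code. It evaluates a bucket policy document
and a bucket ACL of the shape returned by the S3 GetBucketPolicy and
GetBucketAcl APIs; no AWS calls are made and every input below is
constructed. Bucket names and the account ID are hypothetical.
"""
import json
from fnmatch import fnmatchcase

PUBLIC_ACL_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}


def _as_list(value):
    """IAM policy fields may be a string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _principal_is_anonymous(principal):
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def public_policy_actions(policy_doc):
    """Actions granted by Allow statements to an anonymous principal.

    Statements carrying a Condition are skipped: they may still be public
    (e.g. a permissive IpAddress range), so treat them as needing review
    rather than silently passing them.
    """
    policy = json.loads(policy_doc) if isinstance(policy_doc, str) else policy_doc
    actions = []
    for stmt in _as_list(policy.get("Statement", [])):
        if (stmt.get("Effect") == "Allow"
                and _principal_is_anonymous(stmt.get("Principal"))
                and not stmt.get("Condition")):
            actions.extend(_as_list(stmt.get("Action", [])))
    return actions


def public_acl_permissions(acl):
    """ACL permissions granted to the AllUsers / AuthenticatedUsers groups."""
    return {
        g["Permission"] for g in acl.get("Grants", [])
        if g.get("Grantee", {}).get("Type") == "Group"
        and g["Grantee"].get("URI") in PUBLIC_ACL_GROUPS
    }


def _covers(actions, wanted):
    # IAM action names are case-insensitive and may contain wildcards.
    return any(fnmatchcase(wanted.lower(), a.lower()) for a in actions)


def bucket_exposure(policy_doc, acl):
    """Return whether anyone on the internet can read or modify objects."""
    actions = public_policy_actions(policy_doc)
    perms = public_acl_permissions(acl)
    return {
        "public_read": _covers(actions, "s3:GetObject")
                       or bool(perms & {"READ", "FULL_CONTROL"}),
        "public_write": _covers(actions, "s3:PutObject")
                        or _covers(actions, "s3:DeleteObject")
                        or bool(perms & {"WRITE", "FULL_CONTROL"}),
    }


# Constructed sample inputs.
PUBLIC_READ_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
                   "Action": "s3:GetObject",
                   "Resource": "arn:aws:s3:::example-bucket/*"}],
})
PRIVATE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow",
                   "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"},
                   "Action": ["s3:GetObject", "s3:PutObject"],
                   "Resource": "arn:aws:s3:::example-bucket/*"}],
})
OWNER_ONLY_ACL = {"Grants": [{"Grantee": {"Type": "CanonicalUser", "ID": "owner"},
                              "Permission": "FULL_CONTROL"}]}
WORLD_WRITABLE_ACL = {"Grants": OWNER_ONLY_ACL["Grants"] + [
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "WRITE"}]}

if __name__ == "__main__":
    print(bucket_exposure(PUBLIC_READ_POLICY, OWNER_ONLY_ACL))
    print(bucket_exposure(PRIVATE_POLICY, WORLD_WRITABLE_ACL))
```

Two caveats for real use: the account- and bucket-level S3 Block Public Access settings (readable via GetPublicAccessBlock) override public ACLs and policies, so check them first, and statements with a Condition are deliberately left out of the automatic verdict so that a reviewer looks at them rather than the tool assuming the condition is restrictive.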
Kost said that HyTrust brings a broader view to cloud security than its rivals, and that it builds on the base security options the larger cloud providers offer, which are often limited to those providers' own platforms.
“If you are using a single cloud provider, then they can offer a pretty solid platform for security,” Kost said. “We’re not trying to compete head-to-head with that. But as a customer goes to a multi-cloud environment we can provide that single pane of glass view.”
He was also upfront in stating HyTrust’s broader view bleeds into its market focus.
“We are not necessarily targeting cloud-native companies that are solely focused on running their workloads in containers,” Kost explained. “Rather we are looking to work with companies that have both on-premises and container deployments.”
These customers typically include large financial institutions that are still very reliant on private cloud or on-premises deployments but are looking to offload some work to the public cloud and containers.
“We are seeing customers that want to tie together their on-premises security plans with containers running in a public cloud environment,” Kost explained. “We continue to see customers moving toward the use of containers, though actual production usage still remains low.”
Twistlock Targets VMs
Twistlock also updated its long-standing cloud security platform with a greater focus on workloads running in VMs. The update builds on past work that was focused on securing containers and serverless computing deployments.
The company’s Twistlock 2.4 platform now extends to all cloud-native environments, including Linux and Windows Server hosts. This covers runtime protection, vulnerability management, compliance, and access control capabilities.
Twistlock CTO John Morello said that the expanded focus was important for its customer base that is increasingly relying on more diverse hybrid cloud deployments.
“We have some customers with more than 10,000 hosts and customers with multiple, compartmentalized environments, so it’s critical that we offer solutions for hybrid environments and infinite scale,” Morello noted in a statement.
Twistlock’s previous update was its first to handle both containers and serverless computing on the same platform. That update added resources tied to its research on container escape attacks and other vulnerabilities in cloud-native components. For serverless, it applied the same vulnerability data sources to serverless functions that it already used for container image analysis.