Twistlock for PCF
The Twistlock Cloud Native Cybersecurity Platform provides full lifecycle security for containerized environments and cloud native apps. It’s purpose-built to deliver security for modern applications by embedding security controls directly into existing workflows. From pipeline to perimeter, Twistlock enables security teams to scale securely, and DevOps to deploy fearlessly.
Twistlock for PCF lets organizations continuously scan droplets in their blobstores for vulnerabilities. The Twistlock Intelligence Stream sources vulnerability data from commercial vendors, 30+ upstream projects, and proprietary Twistlock Labs research. The Twistlock scanner can be integrated directly into your CI pipeline to pass or fail builds based on policy. Scan report data is available in open formats, including CSV and JSON. The comprehensive API makes it easy to integrate Twistlock data into larger central dashboards.
Twistlock for PCF lets you:
- Continously scan droplets in your blobstores for vulnerabilities.
- Review and share scan reports across the team (Developers, DevOps, and Security).
- Raise alerts and route them to the right party when the scanner finds issues that violate policy (email, Slack, JIRA, and more).
- Integrate scanning into your CI/CD pipeline with the command line scanner. Pass or fail builds based on policy.
- Assess risk and pinpoint specific vulnerabilities in your environment with the Vulnerability Explorer.
- Retrieve scan report data via the comprehensive API for deep integration with other tools, dashboards, and processes.
The following table provides version and version-support information for Twistlock for PCF.
|Release date||May 14, 2019|
|Software component version||19.03.0|
|Compatible Ops Manager version(s)||v2.3.x, v2.4,x, and v2.5.x|
|Compatible Pivotal Application Service version(s)||v2.3.x, v2.4.x, and v2.5.x|
|BOSH stemcell version||Ubuntu Xenial|
|IaaS support||All platforms|
Twistlock for PCF has the following requirements:
You have a Twistlock license.
You have installed Twistlock Console. Twistlock Console is delivered as a container image. You can run it on Pivotal Container Service (PKS) or a stand-alone virtual machine. For stand-alone virtual machines, use Twistlock Onebox, which lets you quickly install Twistlock components onto any Linux box with Docker Engine.
For help and troubleshooting, contact Twistlock Support.