Twistlock for PCF

Overview

The Twistlock Cloud Native Cybersecurity Platform provides full lifecycle security for containerized environments and cloud native apps. It’s purpose-built to deliver security for modern applications by embedding security controls directly into existing workflows. From pipeline to perimeter, Twistlock enables security teams to scale securely, and DevOps to deploy fearlessly.

Twistlock for PCF lets organizations continuously scan droplets in their blobstores for vulnerabilities. The Twistlock Intelligence Stream sources vulnerability data from commercial vendors, 30+ upstream projects, and proprietary Twistlock Labs research. The Twistlock scanner can be integrated directly into your CI pipeline to pass or fail builds based on policy. Scan report data is available in open formats, including CSV and JSON. The comprehensive API makes it easy to integrate Twistlock data into larger central dashboards.

Key Features

Twistlock for PCF lets you:

  • Continously scan droplets in your blobstores for vulnerabilities.
  • Review and share scan reports across the team (Developers, DevOps, and Security).
  • Raise alerts and route them to the right party when the scanner finds issues that violate policy (email, Slack, JIRA, and more).
  • Integrate scanning into your CI/CD pipeline with the command line scanner. Pass or fail builds based on policy.
  • Assess risk and pinpoint specific vulnerabilities in your environment with the Vulnerability Explorer.
  • Retrieve scan report data via the comprehensive API for deep integration with other tools, dashboards, and processes.

Product Snapshot

The following table provides version and version-support information for Twistlock for PCF.

Element Details
Tile version 19.03.321
Release date May 14, 2019
Software component version 19.03.0
Compatible Ops Manager version(s) v2.3.x, v2.4,x, and v2.5.x
Compatible Pivotal Application Service version(s) v2.3.x, v2.4.x, and v2.5.x
BOSH stemcell version Ubuntu Xenial
IaaS support All platforms

Requirements

Twistlock for PCF has the following requirements:

  • You have a Twistlock license.

  • You have installed Twistlock Console. Twistlock Console is delivered as a container image. You can run it on Pivotal Container Service (PKS) or a stand-alone virtual machine. For stand-alone virtual machines, use Twistlock Onebox, which lets you quickly install Twistlock components onto any Linux box with Docker Engine.

Feedback

If you have a feature request, bug report, or other questions, email Pivotal Cloud Foundry Feedback or Twistlock Support.

Troubleshooting

For help and troubleshooting, contact Twistlock Support.

Create a pull request or raise an issue on the source for this page in GitHub