Twistlock for VMware Tanzu


The Twistlock Cloud Native Cybersecurity Platform provides full lifecycle security for containerized environments and cloud native apps. It’s purpose-built to deliver security for modern applications by embedding security controls directly into existing workflows. From pipeline to perimeter, Twistlock enables security teams to scale securely, and DevOps to deploy fearlessly.

Twistlock for VMware Tanzu lets organizations continuously scan droplets in their blobstores for vulnerabilities. The Twistlock Intelligence Stream sources vulnerability data from commercial vendors, 30+ upstream projects, and proprietary Twistlock Labs research. The Twistlock scanner can be integrated directly into your CI pipeline to pass or fail builds based on policy. Scan report data is available in open formats, including CSV and JSON. The comprehensive API makes it easy to integrate Twistlock data into larger central dashboards.

Key Features

Twistlock for VMware Tanzu lets you:

  • Continously scan droplets in your blobstores for vulnerabilities.
  • Review and share scan reports across the team (Developers, DevOps, and Security).
  • Raise alerts and route them to the right party when the scanner finds issues that violate policy (email, Slack, JIRA, and more).
  • Integrate scanning into your CI/CD pipeline with the command line scanner. Pass or fail builds based on policy.
  • Assess risk and pinpoint specific vulnerabilities in your environment with the Vulnerability Explorer.
  • Retrieve scan report data via the comprehensive API for deep integration with other tools, dashboards, and processes.

Product Snapshot

The following table provides version and version-support information for Twistlock for VMware Tanzu.

Element Details
Tile version 20.04.163
Release date April 30, 2020
Software component version 20.04.0
Compatible Ops Manager version(s) v2.7.x, v2.8.x
Compatible VMware Tanzu Application Service for VMs version(s) v2.7.x, v2.8.x
BOSH stemcell version Ubuntu Xenial
IaaS support All platforms


Twistlock for VMware Tanzu has the following requirements:

  • You have a Twistlock license.

  • You have installed Twistlock Console. Twistlock Console is delivered as a container image. You can run it on Pivotal Container Service (PKS) or a stand-alone virtual machine. For stand-alone virtual machines, use Twistlock Onebox, which lets you quickly install Twistlock components onto any Linux box with Docker Engine.


If you have a feature request, bug report, or other questions, email VMware Tanzu Feedback or go to the Prisma Cloud LIVE community page.


For help and troubleshooting, visit the Prisma Cloud LIVE community page.