Twistlock

twistlock

A Security Primer for System Architects

System architects (which means IT professionals who design platforms and infrastructures) have lots of things to think about when they do their work. Performance and availability are essential considerations. So are legacy compatibility, future-proofing, and scalability. Security wasn’t always high on the list of priorities for system architects. Traditionally, security was someone else’s job. But that has changed.

twistlock

The Security Demands of Multi-Cloud Infrastructure

A multi-cloud infrastructure is any type of IT infrastructure that mixes a public or private cloud with at least one other type of environment. Hybrid clouds, which combine public or private cloud infrastructures with an on-premises environment, are one example of a multi-cloud infrastructure. Companies that choose to use more than one public cloud (such as AWS and Azure) at once are also relying on a multi-cloud infrastructure.

twistlock

What to Look for in a Secure Container Registry

Container registry security is easy to overlook. But you fail to secure container registries at your peril. This is true whether you use containers from public registries, private registries, or both. Your container ecosystem is only as secure as its least secure container — and that container’s security depends, in part, on the registry from which you pulled the original container image. Why is this true? We’ll explain in this post.

twistlock

The “IT Security Team” Is a Myth

In a perfect world, every organization would have a dedicated team of IT security experts whose sole mission was to enforce security best practices and address vulnerabilities across all layers of the organization. These people would spend their days making sure the code developers write is as secure as possible, checking and double-checking access control configurations, scanning container images for the least sign of trouble, and keeping the DDoS botnets at bay.

twistlock

Container Security Considerations for Today

Docker has been around for six years. In that time, lots of ink has been spilled (or pixels fired) about container security. A lot of the articles out there on container security are still helpful. But the fact is that Docker (and the broader stack of tools that you now use to deploy containers) have evolved substantially over the past six years. A list of container security tips from three or four years ago may no longer be relevant today.