Prisma
Cloud
Used by 25 percent of the Fortune 100,
Prisma Cloud which was earlier known as Twistlock provides an automated and
scalable container cybersecurity platform. Founded in 2015 by CEO Ben
Bernstein.
Key Features
The Prisma Cloud Platform provides
vulnerability management and compliance across the application lifecycle by
scanning images and serverless functions to prevent security and compliance
issues from progressing through the development pipeline, and continuously
monitoring all registries and environments.
Additionally, Prisma Cloud provides
defense in depth, with access control; automated, machine-learning driven
runtime defense; and cloud native firewalls to protect modern applications from
threats.
Ques : What Is Prisma Cloud(Twistlock)?
Prisma
Cloud is a rule-based access control policy system for Docker and Kubernetes
containers.
Prisma Cloud is able to be fully integrated within Docker and able
to verify security policies.
Security
policies can set the conditions for users to, say, create new containers but
not delete them; or, they can launch containers but aren’t allowed to push code
to them. Prisma Cloud features the same policy management rules as those
on Kubernetes, wherein a user can modify management policies but cannot delete
them.
Prisma Cloud also handles image scanning.
Users can scan an entire container image, including any packaged Docker
application or Node.js component. Prisma Cloud has done its due-diligence in
this area, correlating with RedHat and Mirantis to ensure no container is left
vulnerable while a scan is running.
Prisma Cloud also deals with image scanning
of containers within the registries themselves.
Prisma Cloud has the proficiency to
articulate a policy on a user-by-user basis, working with customers to
customize container security solutions that work for their particular use
cases.
Docker
is Prisma Cloud’s current focus. In fact, Prisma Cloud was written in Go,
primarily because of the focus the company has within the Go-driven
Docker ecosystem.
Product Performance
Metrics
Prisma Cloud is automatically deployed,
and relies on behavioral
learning to automatically create and enforce security profiles/models. Prisma
Cloud has helped customers identify vulnerabilities in thousands of images,
blocked thousands of builds of vulnerable images, enforced compliance with
security standards for thousands of deployments, and identified compromised
containers and hosts at hundreds of customers.
Delivery
Prisma
Cloud runs entirely within customer environments with no required connectivity.
Install the Prisma Cloud (Twistlock) App and view the Dashboards
https://help.sumologic.com/01Start-Here/Quick-Start-Tutorials/Hands-on_Labs%3A_Advanced_Metrics_with_Kubernetes/Lab-4-Install_the_Twistlock_App_and_view_the_Dashboards
Vulnerability
Information
Scan your Docker image and dependencies
for vulnerabilities known to Prisma Cloud. Expose vulnerabilities to your
developers and information on fixes in CI.
Set VULNERABILTY_THRESHOLD [ low, medium,
high, critical ] in your source-code pipeline and prevent vulnerabilities from
being introduced into your application. Keep your Docker image secure and
fail your pipelines before you merge vulnerabilities into your protected
branches.
Prisma Cloud is—in simple terms—a full
stack security suite. It handles everything from A to Z, including automated
forensics, securing your host, scanning for pods vulnerabilities, and providing
additional layers of protection in the form of firewalls and compliance checks.
The six tools that stand out among the many that Prisma Cloud now provides are:
Runtime Defense:
Through automation, routine
evaluations, and machine learning, Prisma Cloud can identify potential issues
with your container runtime. It can even recommend solutions and changes to
make, all in an automated way.
Cloud-Native Firewalls:
Firewalls are still necessary no matter
how secure your system is; you can never be too careful with services running
in the cloud. Adding network security that is designed from the ground up for
cloud applications is indeed a huge plus.
CI/CD Integration:
Since Prisma Cloud has its own
evaluation and automation tools, it can be used as part of an agile CI/CD
Workflow. While new services and updates are deployed, Prisma Cloud will do its
job of securing the entire cloud environment all over again. Prisma Cloud also
provides a Jenkins plugin to incorporate vulnerability and compliance scanning
into the build phase.
Advanced Access Control:
Prisma Cloud can even scan your
images and make sure that the minimum required privileges are the only ones
assigned. This is a tedious process when done manually, but the security suite
makes it look very easy.
Vulnerability Testing:
In addition, we have Prisma Cloud’s
ability to mount prevention tactics by reporting vulnerabilities for host,
images, and containers. The tool goes well beyond container scanning for
vulnerabilities by also providing segmentation, IPS, and cloud-native
capabilities. It provides nice dashboards, and list filtering capabilities.
It’s also possible to export the findings to CSV which can then be imported to
other platforms if needed. Rather than being on the defensive all the time, you
can use Prisma Cloud to do vulnerability testing and reinforce your cloud with
security measures that will prevent attacks.
