Created with Sketch.
Cloud Native Security Podcast
22 minutes | Jun 11, 2019
EP 28 - Exploring the Twistlock Radar
In this episode, Nerya and Reut discuss the process of creating the Radar in Twistlock, which is the homebase for discovering and managing security across your cloud native assets.
12 minutes | Jun 4, 2019
EP 27 - Custom Audit Rules
In this episode, Neil walks us through how to create custom audit rules to check if someone is tampering with the Twistlock daemonset.You can use this approach to create your own custom rules for almost anything using the right JSON properties and strings.
7 minutes | May 23, 2019
EP 26 - Falco Vulnerability
In this episode, Aviv dives into the vulnerability discovered in Sysdig Falco which allows someone to create a buffer overrun that completely bypasses all of Falco's normal functionality.
5 minutes | May 14, 2019
EP 25 - File Integrity Monitoring
In this episode, Kevin demonstrates the new File Integrity Monitoring feature in Twistlock 19.03.
27 minutes | May 8, 2019
EP 24 - Operator Hub Integration
In this episode, Jeremy talks through and demonstrates how we've slipstreamed Twistlock Console installation and deployment into the Operator Hub mechanisms.
16 minutes | May 7, 2019
EP 23 - How We Built It - ACI Virtual Nodes
In this episode, Michael discusses how the Twistlock dev team built the ACI Virtual Node protection feature in Twistlock 19.03. We also discuss the differences in technology between Azure Container Instances and AWS Fargate.
11 minutes | May 2, 2019
EP 22 - Twistlock 19.03 - Native Helm Charts
In this episode, Michael walks through the new Native Helm support in Twistlock 19.03, detailing the configuration steps necessary to enable Helm Chart support in Twistlock.
9 minutes | Apr 29, 2019
EP 21 - DockerHub Compromise
In this episode, John Morello explains what we know about the DockerHub compromise, what potential impacts exist for DockerHub users, and what you can do to minimize impact to you and your apps. Twistlock customers are NOT affected.
16 minutes | Apr 23, 2019
EP 20 - How We Built It: Lambda Layers Protection
In this episode, Michael dives into how we built the Lambda Layers security features to allow Twistlock to be embedded and to secure Lambda Layers.
12 minutes | Apr 16, 2019
EP 19 - How We Built It: Istio
In this episode, Ilana from the Twistlock dev team discusses the process that she went through to create the Istio visibility, vulnerability management, and prevention features in Twistlock.
17 minutes | Apr 9, 2019
EP 18 - Twistlock 19.03 - Assigned Collections
In this episode, Ashley discusses and demonstrates the advantages of using Assigned Collections to provide granular visibility and security to your cloud native environments.0:51- Twistlock 2.4 - Projects1:30- Twistlock 1.8 - Collections2:24- Inside of Projects, team granular permissions2:38- Demo time11:03- Integrating granular control into DevOps lifecycle
18 minutes | Apr 4, 2019
EP 17 - Twistlock 19.03 - Host Forensics
In this episode, Paul demonstrates more host protection features, specifically host forensics, that are built into Twistlock 19.03. Paul demonstrates how anomalous activity can be tracked, alerted, and prevented through Twistlock on any host.
20 minutes | Apr 2, 2019
EP 16 - How We Built It - Kubernetes Audit Rules
In this episode, Omri details how Twistlock built the Kubernetes Audit rules features that integrate with Kubernetes AuditSink, as well as audits for GKE. 0:35- What are Kubernetes audits?1:30- Kubernetes audit rules in Twistlock3:28- How we built this feature5:30- Integration with Kubernetes dynamic backend feature6:10- demo time12:58- GKE Audits
21 minutes | Mar 28, 2019
EP 15 - Disclosing a directory traversal vulnerability in Kubernetes copy – CVE-2019-1002101
In this special episode, Ariel goes through the details of the latest Kubernetes CVE, CVE-2019-1002101, and explains how containers are vulnerable, what the vulnerability exposes, and how to get the latest kubectl update to mitigate the vulnerability.Link to Twistlock Labs detailed blog post:https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/Link to Twistlock Labs post on CVE-2017-1002101:https://www.twistlock.com/labs-blog/deep-dive-severe-kubernetes-vulnerability-date-cve-2017-1002101/Link to Kubernetes kubectl fix:https://github.com/kubernetes/kubernetes/issues/61297Contact info for Ariel and Twistlock Labs:Ariel - email@example.comLabs - firstname.lastname@example.orgTwitter - @twistlocklabs
13 minutes | Mar 26, 2019
EP 14 - Twistlock 19.03 - RASP Defender
In this episode, Neil demonstrates the new Twistlock 19.03 feature around RASP Defender, which allows the same level of visibility, automation, and protection in non-managed cloud native resources.
19 minutes | Mar 26, 2019
EP 13 - Twistlock 19.03 - Custom Runtime Rules Language
In this episode, Andreas demonstrates the new Twistlock 19.03 features around the new Custom Runtime Rules Language, which integrates with the Kubernetes AuditSink. Twistlock 19.03 also comes with over 40 custom rules that query the AuditSink logs to get you started quickly with actions around the events in your environment.
11 minutes | Mar 26, 2019
EP 12 - Twistlock 19.03 - K8s AuditSink Integration
In this episode, Jacob demonstrates the new Twistlock 19.03 features around integration with the Kubernetes AuditSink features.
7 minutes | Mar 26, 2019
EP 11 - Twistlock 19.03 - CNNF And Radar For Hosts
In this episode, James demonstrates the new Twistlock 19.03 features around host visibility and protection, including cloud native network firewall and Radar for hosts.
34 minutes | Mar 21, 2019
EP 10 - Why We Use Go
In this episode, Liron Levin, Chief Architect of Twistlock, explains the history behind the decision to use Go to build Twistlock, the criteria that was used to assess all the possible languages, some key findings and advantages of using Go, and, of course, some story time.1:52- Story time2:13- The architecture2:37- Language options3:45- Before Twistlock, and experience with Python4:22- Compiled languages + large teams + fast pace5:07- What does Docker use?5:48- Maybe I should try it? How quickly can I be productive?6:37- The benefits7:31- The first test: agent in Go, and console in node8:52- MongoDB for the data store9:36- New devs coming on board13:07- Simplicity and error handling14:34- Consistent formatting15:22- Coding standards17:33- Low level code and elements19:08- Anything unexpected?20:42- Places to optimize21:20- Rust25:00- Reducing complexity26:03- More story time30:28- Testing in Go
20 minutes | Mar 19, 2019
EP 9 - Documentation As Code
In this episode, Ian discusses how Twistlock is able to automate the creation and maintenance of the product documentation. He talks through the entire OSS-based system that is in place to manage documentation contributions, the tools used to build the docs, as well as a code deep dive through the search indexing and crawling to surface the docs to users.6:27- Documentation website9:34- Search mechanisms
Terms of Service
Do Not Sell My Personal Information
© Stitcher 2022