A startup aims to reinforce enterprise Docker with a new virtual container security suite.

Twistlock, a startup based in Tel Aviv and San Francisco that recently emerged from stealth mode, today announced the Twistlock enterprise security suite for containers. The end-to-end solution includes an open-source containerized application framework for developers as well as an enterprise solution for configuring and monitoring container security across virtual clusters.

The startup also announced US$2.5 million in seed funding led by YL Ventures.

Twistlock works by installing an agent on container hosts that supports static hardening and dynamic inspection of container elements both before and at runtime. According to Twistlock CEO Ben Bernstein, the company approaches container security in enterprises from an “insider perspective”: it identifies which virtual-machine processes belong to specific workloads across clusters and plugs them into Twistlock’s control channel for centralized management.

“We enable development teams to centrally plug ‘security’ into container images they want to push into production,” said Bernstein. “We make sure that containers are no longer a black box, and that security operation teams can rest assured that they can apply the security best practices they know and care about on containers.”


Twistlock approaches container security on several fronts:

  • Host and container image layer static hardening: The solution implements best practices such as disabling unused OS capabilities and validating containers being pushed into production, checking that static hardening measures have been applied.
  • Dynamic inspection and enforcement: Twistlock handles authentication, authorization and auditing of container actions at runtime, and it offers Audit Trail and Container Insights services for real-time vulnerability detection on running container instances.
  • Central security management: The suite includes a virtual grid security configuration across the “container farm,” with alerts to the main management console based on specified security baselines.
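
As an illustration added here (not Twistlock’s code) of what the first and third points amount to in practice, the script below checks `docker inspect`-style container records against a simple static-hardening baseline and reports every deviation as an alert. The two container records are constructed for the example; the `Privileged`, `CapAdd`, `ReadonlyRootfs`, `PidMode`, `NetworkMode` and `User` fields are the real Docker `HostConfig`/`Config` keys, while the baseline itself (capability allow-list, non-root user, read-only root filesystem, pinned image tag) is an assumed policy, not one the article describes.

```python
"""Baseline check over docker-inspect style container records.

Added example, not Twistlock's code. Flags containers that deviate from a
simple static-hardening baseline, the kind of check a central console would
raise alerts from. Field names match Docker's `docker inspect` output; the
baseline thresholds are assumed for the example.
"""
import json

# Constructed sample: one hardened container and one that ignores the baseline.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/web-frontend",
     "Config": {"User": "10001:10001", "Image": "example/web:1.4"},
     "HostConfig": {"Privileged": False, "CapAdd": None, "CapDrop": ["ALL"],
                    "ReadonlyRootfs": True, "PidMode": "", "NetworkMode": "bridge"}},
    {"Name": "/build-agent",
     "Config": {"User": "", "Image": "example/agent:latest"},
     "HostConfig": {"Privileged": True, "CapAdd": ["SYS_ADMIN", "NET_ADMIN"],
                    "CapDrop": None, "ReadonlyRootfs": False,
                    "PidMode": "host", "NetworkMode": "host"}},
])

# Assumed policy: no privileged mode, no host PID or network namespace, only the
# listed capabilities may be added, read-only rootfs, non-root user, pinned tag.
BASELINE = {
    "allowed_cap_add": {"NET_BIND_SERVICE"},
    "require_readonly_rootfs": True,
    "require_nonroot": True,
}


def check_container(entry, baseline=BASELINE):
    """Return the list of baseline violations for one inspect record."""
    host = entry.get("HostConfig", {})
    cfg = entry.get("Config", {})
    findings = []
    if host.get("Privileged"):
        findings.append("privileged")
    if host.get("PidMode") == "host":
        findings.append("host-pid")
    if host.get("NetworkMode") == "host":
        findings.append("host-network")
    # CapAdd is null when nothing was added, so normalise before set math.
    extra = set(host.get("CapAdd") or []) - baseline["allowed_cap_add"]
    if extra:
        findings.append("cap-add:" + ",".join(sorted(extra)))
    if baseline["require_readonly_rootfs"] and not host.get("ReadonlyRootfs"):
        findings.append("writable-rootfs")
    # An empty User means the image default, which is root unless the image says otherwise.
    user = cfg.get("User") or ""
    if baseline["require_nonroot"] and (user == "" or user.split(":")[0] in ("0", "root")):
        findings.append("runs-as-root")
    image = cfg.get("Image", "")
    if image.endswith(":latest") or ":" not in image:
        findings.append("unpinned-image")
    return findings


def audit(inspect_json, baseline=BASELINE):
    """Map each container name to its violations; an empty list means it passes."""
    return {e["Name"].lstrip("/"): check_container(e, baseline)
            for e in json.loads(inspect_json)}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        status = "OK" if not findings else "ALERT " + " ".join(findings)
        print(f"{name}: {status}")
```

Run against live hosts, the input would be the output of `docker inspect` for each container and the baseline would come from the central policy rather than a constant; the point is that every item in the list is a property of the container configuration that can be verified before a container is admitted to production, independent of what the application inside it does.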

Twistlock’s enterprise suite can run on-premises and in the cloud, integrating with cloud-based Docker providers such as AWS, Azure, Google Container Engine and Rackspace. The solution also integrates directly into the Docker engine to run on-premises workloads on VMware ESXi or Microsoft Hyper-V.

Bernstein said that rather than focusing solely on hardening containerized applications, Twistlock aims to be a holistic solution enabling multiple container security mechanisms for Docker, which the company referred to as the fastest-growing PaaS platform.

“In the long term we aim to provide a comprehensive solution to PaaS security,” said Bernstein. “PaaS provides challenges in that it offloads some of the security responsibility to developers, and we aim at creating a solution that will make developers’ lives easier, and still enable security operation teams to maintain security standards. Doing this in the PaaS era requires a different approach.”