John Morello, Twistlock & Nanda Kumar, Verizon Global Technology Services | KubeCon 2018
John Morello, Twistlock & Nanda Kumar, Verizon Global Technology Services sit down with John Furrier & Stu Miniman at KubeCon 2018 in Seattle, Wa
https://siliconangle.com/2018/12/18/container-security-startup-is-cloud-native-agility-yes-man-startupoftheweek/
Container security startup is the cloud-native yes man
The maturation of the Kubernetes container management platform is bringing relief to enterprises everywhere. They no longer require the biggest brains in information technology to configure clusters on the open-source platform for orchestrating containers (a virtualized method for running distributed applications). This is pushing Kubernetes and cloud-native computing further into the mainstream.
At the same time, the cast of supporting actors around Kubernetes and cloud-native is growing. The tool makers mean well; they want to improve some area of operations — like the orchestration of containers across environments. But will the need for extras and a glut to choose from become the new complexity nightmare?
Let’s take security, for example. It’s obviously an essential. Containers running across different environments — public clouds, for instance — certainly raise interesting questions: Will container security add a new layer of complexity and friction to Kubernetes? Where does security live in the multicloud world? Do cloud-native applications and operations require a whole new security paradigm?
Those building cloud-native apps or deploying any apps on Kubernetes should be thinking of security in a new way, according to John Morello (pictured, left), chief technology officer of Twistlock Ltd. Companies are going cloud native because it basically allows them to do things a lot faster, he added. Most traditional security technology is a sack race compared to cloud-native’s Olympic sprint. To get the most from cloud-native, users have to get their security system running apace with it.
“It also has to get away from that approach people took in the past where security was always this friction; it was this impediment,” Morello said. All those time-consuming security reviews aren’t kind to trigger-happy cloud-native developer operations.
“If that’s your approach to security, you’re going to be at a fundamental conflict [with] this new approach,” he stated.
Morello and Nanda Kumar (pictured, right), digital technology transformation, Global Technology Services, at Verizon, spoke with John Furrier (@furrier) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the KubeCon + CloudNativeCon event in Seattle, Washington. They discussed the benefits of cloud-native, app-centric security for use cases, including Kubernetes, and why Verizon chose Twistlock to secure its own Kubernetes deployments. (* Disclosure below.)
This week, theCUBE spotlights Twistlock in our Startup of the Week feature.
Security whitelist just says, ‘yes’
Twistlock is a 4-year-old cloud-native cybersecurity company for securing containers in Kubernetes, Docker Inc., etc. It gels with the cloud-native approach by referring to a whitelist of allowed activity instead of a blacklist of no-nos.
“We create this reference model where you can understand what’s normal, and then we automatically prevent anomalies. So unlike that traditional world of security, where you had to have a whole bunch of manual rules to black-list everything that was bad, we just say, ‘We learn what’s good and only allow that,'” Morello stated.
If something smells fishy, the alert goes straight to developers instantly so they can fix it. There is no waiting weeks for a security scan to find an app in production that has a “breach me” sign on its back.
Sounds great, but how does it work with Kubernetes? Is it a cat-and-dog death duel getting them to work together?
Deep in Kubernetes and across multicloud universe
A Kubernetes Technology Partner, Twistlock is itself a cloud-native application that blends right in with the platform. “Not only do we protect the platform, but we just are part of the platform,” Morello said. “There’s nothing abnormal that you have to do. You deploy it and manage it like you would any other Kubernetes application.”
With containers traversing multiple cloud environments, companies have to forget the old notion of a firewall in one location, according to Morello. “One of the things that we really think is important is to be able to bring the parameter to the application,” he stated.
...
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the KubeCon + CloudNativeCon event. (* Disclosure: Twistlock Ltd. sponsored this segment of theCUBE. Neither Twistlock nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)