Twistlock tools up to discover unknown unknown clouds • DEV…
Twistlock has released and open sourced a tool to allow teams to uncover cloud native services they never knew they had.
The security outfit said its Cloud Discovery tool would allow users to identify “all the cloud native platform services, such as container registries, managed Kubernetes platforms, and serverless services used across your cloud providers, accounts, and regions.”
The tool comes as a Docker container image, and Twistlock emphasised it would allow users to uncover these “unknown unknowns…without having to manually login to multiple provider consoles, click through many pages, and manually export the data.”
In a blog post, CTO John Morello said Cloud Discovery “connects to cloud providers’ native platform APIs to discover services and their metadata and requires only read permissions.” AWS, Azure and Google Cloud are the first platforms targeted.
It also has a network discovery option that “uses port scanning to sweep IP ranges and discover cloud native infrastructure and apps, such as Docker Registries and Kubernetes API servers, with weak settings or authentication.” Morello wrote that this “is useful for discovering ‘self-installed’ cloud native components not provided as a service by a cloud provider, such as a Docker Registry running on an EC2 instance. “
Morello wrote that the company was looking to work with the community to expand the tool’s capabilities. These include the afore-mentioned additional cloud platforms, and IDing insecure apps on Docker Hub.
IBM Cloud and Oracle Cloud both appear on the hit list for additional platforms while targeted Docker Hub apps include RabbitMQ, Redis, Postgres, Elasticsearch and Kibana.