Docker container security relies on multiple security controls and best practices. Many of them are inherited from the Linux operating system on which Docker is deployed, including cgroups and namespaces, which provide isolation and control.
Twistlock is focusing on different areas of container protection, particularly the DevOps development lifecycle for continuous integration. “We do image hygiene and runtime protection,” Bernstein said.