Twistlock, a provider of container and cloud security solutions, has announced the release of Twistlock 2.5.

This release introduces cloud-native forensics to the Twistlock platform with the addition of forensic data collection and correlation. The platform maintains a spool of process and network activity for each node in an environment. It only centralizes and correlates that data in the Twistlock Console when incidents are detected, minimizing network overhead and ensuring visibility into the state of applications.

“As more of our customers scale out their cloud native environments, they’re finding that traditional forensic solutions don’t keep up – they’re not built for microservices, and the resource load needed to effectively collect and surface data slows down the production environment,” said John Morello, chief technology officer of Twistlock. “With the new forensic capabilities in Twistlock 2.5, we’re providing a fully cloud native approach that captures and stores forensic data pre-attack in a lightweight, decentralized fashion that can scale with even the most complex environment – yet still surface actionable signals in real time.”

Twistlock 2.5 also enables customers that are using AWS Fargate to protect their containers using Twistlock’s centralized policy creation and enforcement.

Twistlock’s runtime defense for serverless functions is also now generally available as of this release. Teams that are building applications to run in AWS Lambda or other serverless environments will now be able to protect their functions with the same automated policy deployment and centralized console used in protecting the rest of their cloud stack.