Twistlock Logo

  1. Documentation
  2. Twistlock 19.07
  3. API
  4. API reference
  • About
    • Welcome
  • Download
    • Releases
    • Utilities and plugins
    • Support lifecycle
  • Install
    • Getting started
    • System requirements
    • Twistlock container images
    • Onebox
    • Kubernetes
    • OpenShift
    • Pivotal Container Service
    • Docker Swarm
    • Amazon ECS
    • DC/OS
    • Windows
    • Defender types
    •  Install Defender
      • Single Container Defender
      • Cluster Container Defender
      • RASP Defender
      • RASP Defender for Fargate
      • RASP Defender for Pivotal PAS
      • Serverless Defender
      • Serverless Defender (Lambda layer)
      • Decommission single Container Defender
  • Upgrade
    • Overview
    • Onebox
    • Kubernetes
    • OpenShift
    • Helm charts
    • Docker Swarm
    • Amazon ECS
    • Single Container Defenders
    • DaemonSet Defenders
  • Technology overviews
    • Twistlock Advanced Threat Protection
    • App-specific network intelligence
    • Radar
    • Serverless Radar
    • Twistlock rules guide for Docker
    • Defender architecture
    • Marketplace images
    • Telemetry
  • Configure
    • Rule ordering and pattern matching
    • Disaster recovery
    • Custom feeds
    • Proxy configuration
    • Custom certs for Console access
    • Configure scan intervals
    • User certificate validity period
    • Manage Twistlock with systemd
    • Disable HTTP access to Console
    • Set different paths for Console and Defender (with daemon sets)
    • Authenticate to Console with certificates
    • Customize terminal output
    • Collections
    • High availability
    • Logon Settings
    • Reconfigure Twistlock
    • Subject Alternative Names
    • Credentials store
    • Alerts
    •  Alert channels
      • AWS Security Hub
      • Email
      • Google Cloud Pub/Sub
      • Google Cloud SCC
      • IBM Cloud Security Advisor
      • JIRA
      • PagerDuty
      • Slack
      • Webhook
  • Vulnerability management
    • Vulnerability Explorer
    • Vulnerability management rules
    • Search CVEs
    • Scan reports
    • Customize image scanning
    • Registry scanning
    •  Configuring registry scans
      • Amazon EC2 Container Registry
      • Azure Container Registry
      • Docker Hub
      • Google Container Registry
      • IBM Cloud Container Registry
      • JFrog Artifactory Docker Registry
      • OpenShift integrated Docker registry
      • Webhooks
    • Malware scanning
    • Zero-day vulnerabilities
    • Risk trees
    • Detect vulnerabilities in unpackaged software
    • CVSS scoring
    • Google Cloud Container Builder
    • Windows image scanning
    • Serverless function scanning
    • PCF blobstore scanning
  • Access control
    • Role-based access control
    • Integrate with Active Directory
    • Integrate with OpenLDAP
    • Integrate with SAML
    • Integrate Google G Suite (SAML)
    • Integrate with Azure Active Directory via SAML 2.0 Federation
    • Integrate with PingFederate via SAML 2.0 Federation
    • Integrate with Active Directory Federation Services (ADFS) via SAML 2.0 Federation
    • Non-default UPN suffixes
    • User roles
    • Assign roles
    • Use custom certificates for authorization
  • Compliance
    • Compliance Explorer
    • Manage compliance
    • CIS Benchmarks
    • Twistlock Labs compliance checks
    • Serverless functions
    • Windows compliance checks
    • Custom compliance checks
    • Extensible compliance checks
    • Trusted images
    • Host scanning
    • Detect secrets
    • Cloud discovery
  • Runtime defense
    • Runtime defense
    • Runtime defense for processes
    • Runtime defense for networking
    • Runtime defense for file systems
    • Runtime defense for system calls
    • Runtime defense for hosts
    • Custom runtime rules
    • Blocked containers
    • Import and export individual rules
    • Discrete blocking
    • Fargate
    • Incident Explorer
    •  Incident types
      • Backdoor admin accounts
      • Backdoor SSH access
      • Brute force
      • Crypto miners
      • Data exfiltration
      • Hijacked processes
      • Kubernetes attack
      • Lateral movement
      • Port scanning
      • Service violation
      • Weak settings
  • Continuous integration
    • Jenkins plugin
    • Jenkins Freestyle project
    • Jenkins Maven project
    • Jenkins Pipeline project
    • Run Jenkins in a container
    • Jenkins pipeline on K8S
    • CloudBees Core pipeline on K8S
    • Set policy in the CI plugins
  • Firewalls
    • Cloud Native Application Firewall (CNAF)
    • Deploy CNAF
    • Cloud Native Network Firewall (CNNF)
    • CNNF for hosts
  • Secrets
    • Secrets manager
    • Integrate with a secrets store
    •  Secrets stores
      • AWS Secrets Manager
      • AWS Systems Manager Parameters Store
      • Azure Key Vault
      • CyberArk Enterprise Password Vault
      • HashiCorp Vault
    • Inject secrets into containers
    • Injecting secrets example
  • Audit
    • Event viewer
    • Host activity
    • Admin activity
    • Annotate audits
    • Delete audit logs
    • Syslog and stdout integration
    • Log rotation
    • Throttling
    • Prometheus
    • Kubernetes auditing
  • Tools
    • twistcli
    • Scan images with twistcli
    • Install Console with twistcli
    • Update offline environments
  • Deployment patterns
    • Operationalize
    • Projects
    • DNS and certificate management
    • Performance planning
  • API
    • API reference
    • API 19.03 porting guide
    • Access the API
    • Set up fresh Console
    • Automate Defender install
    • Manage compliance policies
  • How-to guides
    • Configure a load balancer in AWS
    • Configure Twistlock to use Nginx Ingress Controller
    • Configure the load balancer type for AWS EKS
    • Deploy Defenders External to an OpenShift cluster
    • Configure Console's listening ports
    • Integrate scanning into the OpenShift build
    • Provision tenant projects OpenShift
    • Setting up Istio
    • Multi-AZ HA
    • Disable automatic learning
    • Rolling Defender upgrades
  • Troubleshooting
    • Collect debug data
    •  Active Directory
      • Active Directory
      • OpenLDAP
    •  Compliance
      • Trusted images
    •  Console
      • Disconnected Intelligence Stream
      • Forgot Console password
      • Crash loop back-off
      • Recovering primary node in HA setup
    •  Defender
      • Connectivity issues
      • DaemonSet
    •  Kubernetes
      • Kubernetes
    •  Registry
      • Artifactory
      • Artifactory 401
      • GCR
      • GCR permissions
    •  Runtime
      • File System Prevent
      • Host FIM Protection
    •  SAML
      • RBAC
      • Requests and responses
      • SAML
    •  Third party software
      • Sporadic errors with Kubernetes liveness probes
      • Networking with netstat
    •  Upgrade
      • Upgrade from 2.0 to 2.5
      • Upgrade from 2.5 to 19.03
    •  Vulnerability
      • Clearing Defender cache
    •  Windows
      • Windows driver events
  • Webinars
    • How to secure a Linux host
    • Automating security in Jenkins
    • Six reasons why dev should own security
    • Managing compliance in container environments
    • Automating security with Kubernetes
    • Incident response

API reference

Copyright © 2020 Twistlock
This site was built on 2020-05-08