Organizations struggle with container security
Containerization has seen rapid adoption in recent years, but a new study from container security specialist StackRox reveals organizations struggling with security issues.
The report shows that while two-thirds of organizations have more than 10 percent of their applications containerized, 40 percent of them remain concerned that their container strategy doesn't adequately invest in security. Another 34 percent say that their strategy lacks sufficient detail.
Kubernetes is the most popular container platform, with 86 percent now running it. Nearly three-quarters (70 percent) of respondents are running containers on premises, 53 percent are running them in hybrid mode, with containers deployed both on premises and in the public cloud. Only 17 percent are running containers only on premises, a drop from 31 percent six months ago. 78 percent of respondents report running containers on AWS. However, Google Cloud Platform has gained market share, up from 18 percent to 28 percent in the last six months.
The report shows that 60 percent of respondents identify misconfigurations and accidental exposures as their biggest container security concern, up from 54 percent six months ago. Runtime remains the container life cycle phase that respondents worry about the most (43 percent), followed by deployment (35 percent) and build (22 percent).
"DevOps, containers, and Kubernetes are the backbone of digital transformation initiatives in every organization today, but security still needs to catch up," says Kamal Shah, StackRox CEO. "Organizations are putting the operational benefits of agility and flexibility at risk by not investing in security. Containers and Kubernetes have moved well beyond the early adoption phase -- security must be built-in from the start, not bolted-on after the fact, for organizations to securely realize the full potential of cloud-native technologies."
The full report is available from the StackRox site.