Articles about containers

The use of container images is growing fast thanks to their flexibility and convenience, but they can also represent a weak cybersecurity link in software supply chains.

A new report from NetRise looks at the scope and scale of the components and risks found across 70 of the most commonly downloaded Docker Hub container images.

Continue reading →

Parceling up software applications into ‘containers’ is commonplace these days, having grown rapidly over the last decade. Aiming to simplify the development, testing, and delivery process, to encourage agility, it’s a way of working that continues to have wide appeal.

For the uninitiated, a container is akin to putting everything needed to run an application into a portable box. The box holds all the elements ready-made for different systems and hardware, including software, configurations, and files. As a result, applications run consistently regardless of whether they are on virtual machines, cloud platforms, or on-premise servers. 

Continue reading →

A new study shows that in 2024, the biggest challenge to gaining observability into cloud-native environments -- cited by 48 percent of respondents -- is lack of knowledge among the team. This is up from 30 percent in 2023.

The report from Logz.io shows only 10 percent of organizations are utilizing full observability, that is, observing the real-time status of every component of the entire technology stack.

Continue reading →

Kubernetes is one of the most widely used container tools, but failure to accurately forecast resources leads to overprovision, waste and overspending.

A new report from Kubernetes automation platform CAST AI reveals high levels of underutilization are costing businesses more than necessary.

Continue reading →

Organizations are struggling to keep up with vulnerabilities amid software supply chain complexity, with more than 40 percent still in reactive mode according to a new report from Slim.AI.

The 2023 Container Report, based on a survey conducted with Enterprise Strategy Group, shows few organizations know exactly how to address security in the upstream dependencies of the applications and the containers they run in production.

Continue reading →

A new survey of 800 security and IT leaders from large organizations shows 76 percent of security and IT pros believe we are heading towards a cloud reckoning in terms of costs and security.

The study from Venafi finds that 84 percent believe Kubernetes will soon be the main platform used to develop all applications. But, three-quarters worry that the speed and complexity of Kubernetes and containers is creating new security blind spots.

Continue reading →

Among cloud developers, Kubernetes is now a widely used platform. It's not immune to security incidents, however, and these can lead to loss of revenue or customers.

So, what's the best way to secure Kubernetes systems? Alex Jones, engineering director Kubernetes at Canonical, suggests a need to look beyond containers with a holistic approach to security that spans all layers of the system. We talked to him to discover more.

Continue reading →

What capabilities do IT professionals need for container networking and security? That's what a new study from Tigera has set out to discover.

A survey of more than 1,200 users of the Calico Open Source container security platform finds the capabilities driving their adoption of Calico are, scalable networking (35 percent), security policies (35 percent), interoperability across different environments (33 percent) and encryption capabilities (30 percent).

Continue reading →

In the dash to move systems to the cloud it's easy to become dependent on the services of a specific vendor, making it time-consuming or costly to move to an alternative at a later date.

We spoke to Cooper Lutz, chief architect, digital solutions at AHEAD, to get his advice for IT teams making their way to the cloud on the best practices to mitigate vendor lock-in.

Continue reading →

The Java programming language dates back to 1996, released by Sun Microsystems as a way of developing multimedia applications in a portable and interactive way.

That Java is still immensely popular almost 30 years on suggests that it must have got something right. New Relic's 2023 State of the Java Ecosystem report takes an in-depth look at the use of one of the most popular programming languages.

Continue reading →

Thanks to increased cloud and container use there's a growing demand for machine identities, but delivering and managing those identities can present problems.

Machine ID specialist Venafi is launching a new tool called Firefly that enables security teams to easily and securely meet developer-driven machine identity management requirements for cloud native workloads by issuing machine identities, such as TLS and SPIFFE, locally and quickly across any environment.

Continue reading →

With the creation, storage, and use of data continuing to accelerate dramatically, security vulnerabilities and risks to data integrity are also escalating across the board. The trends are alarming, with one recent study from IDC -- looking at the requirements for ransomware and disaster recovery preparation -- revealing that in 2022, almost 80 percent of organizations surveyed had activated a disaster response. What’s more, 83 percent had experienced data corruption, and most worrying of all, almost two-thirds said that a ransomware attack had resulted in unrecoverable data.

Indeed, there is currently no application type that can be considered to be completely safe from ransomware. Among the wide range of possibilities this situation creates are the risks posed to organizations that are refactoring their applications for Kubernetes. Refactoring is an increasingly popular approach to application deployment, whereby apps are broken down into a range of services that can subsequently be operated independently. One of the key benefits this offers is that the application’s underlying hardware is used more efficiently, while each service can also be scaled as required without impacting other services and resources.

Continue reading →

Due to the nature of modern software design and the sharing of open source images, security teams face a large number of container vulnerabilities according to a new report.

The study from Sysdig, based on real-world data sets covering billions of containers, thousands of cloud accounts, and hundreds of thousands of applications, finds 87 percent of container images have high or critical vulnerabilities.

Continue reading →

Containers have become increasingly popular in recent years, they can be spun up quickly and offer developers the opportunity to deliver projects faster as well as gains in agility, portability and improved lifecycle management.

Here are what some industry experts think we'll see happening in the container market in 2023.

Continue reading →

New research into the adoption of Kubernetes finds 51 percent of cloud developers are using Kubernetes and containers in their daily operations, and 57 percent have seen an increase in the number of Kubernetes clusters running within their organization over the last year.

The survey of 1,000 cloud developers by Civo finds the most common benefits cited for Kubernetes are its ease for scaling of work and for management of containers, named by 36 percent and 35 percent of respondents citing respectively.

Continue reading →