Industry executives and experts share their predictions for 2020. Read them in this 12th annual VMblog.com series exclusive.
By Henrik Rosendahl, Head of Business Development, NeuVector
6 Forecasts as Container Threats Proliferate
Expect a busy year for enterprise DevOps and DevSecOps teams, as they strive to stay ahead of growing security threats to containerized and serverless environments. Here are six trends to pay particular attention to in 2020:
1) Container security will continue shifting "left" to the very start of development, and "right" to safeguard production.
Enterprises are increasingly aware that bolting on container security in the middle of development is a poor (but still all too common) practice - essentially serving as a welcome sign for zero-day attacks and other critical vulnerabilities. Similarly, the fact that container-based applications face the most risks after launching into production is now widely acknowledged. Expect more enterprises to shift container security measures both left and right throughout 2020, so that they encompass the full application lifecycle, until doing so becomes a default best practice.
2) Containerized environments will endure an increase in attacks.
As enterprises have flocked to containers, attackers have in turn recognized container environments as particularly ripe targets. Put in a positive light, these attackers have made deep contributions to container and Kubernetes security by helping discover many vulnerabilities and exploit opportunities (albeit while stealing data and carrying out nefarious and destructive activities). 2020 will prove that these attacks are here to stay and will only rise in prevalence and sophistication. Considering the dangers made clear by high-profile attacks - from the hacking of Tesla's public cloud using a Kubernetes exploit to the more recent cryptojacking worm infecting exposed Docker deployments - organizations will increase their investments in container security accordingly in 2020.
3) Enterprises will implement security mesh on top of service mesh.
As attackers continue to innovate with new techniques across new threat vectors, enterprises will look to their own non-traditional approaches to achieve lasting and effective security. Expect an increasing number of businesses to add a security mesh on top of a service mesh - adding new protections outside of established network and host security. A security mesh gives enterprises the ability to implement application-aware safeguards and automated, intelligent security responses able to recognize and defeat complex attacks that attempt to exploit Kubernetes or container APIs.
4) DevOps will increasingly implement container security policies as code.
Enterprise DevOps teams will more commonly leverage policy as code for container security in 2020, utilizing Kubernetes Custom Resource Definitions (CRDs), ConfigMaps, and other solutions to automate container security rules, tools, and configurations within CI/CD pipelines. Using these techniques, DevOps teams can declare container security policies as code in standard YAML files, creating policies based upon analysis of appropriate application behavior. Expect traditional security teams to utilize these solutions as well, in order to protect their container environments with cloud-native global security policies.
5) Serverless will experience rapid adoption, necessitating more robust serverless security.
With serverless experiencing 50% year-over-year growth in 2019 and taking the crown as the fastest-growing cloud service model, the technology is poised to achieve even greater mainstream adoption throughout 2020. The popularity of serverless is well deserved: by eliminating the need for servers, serverless streamlines operational complexity and overhead while adding to DevOps efficiency. This allows for agile applications that heavily leverage managed services and can reduce costs. At the same time, serverless deployments require their own dedicated security solutions designed specifically to safeguard serverless architectures. Expect the rise of serverless to include a corresponding rise in demand for effective serverless security.
6) Container technology continues to speed up the arrival of Cloud 2.0.
Many enterprises that have not already implemented advanced cloud-native solutions will do so in 2020, as the advantages become increasingly compelling. Offered the potential to transform their cloud capabilities with solutions that more effectively and dynamically achieve their business goals, enterprises have better incentives than ever to make the leap to Cloud 2.0 technologies. Expect even more enterprises to embrace containers, service and security meshes, cross-cluster and hyperscale management, serverless, and other solutions delivering next-level networking, storage, and security functionality in the coming year.
##
About the Author
Henrik Rosendahl is the Head of Business Development at NeuVector, which delivers the only cloud-native Kubernetes security platform with end-to-end protection. A serial enterprise software entrepreneur, Henrik has had successful exits at four companies (two to VMware). He is based in the Bay Area.