Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
NeuVector Releases New Report on the Current State of Container Security

NeuVector announced the findings of its 2021 EU Container Security Survey. The new report finds that while adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents.

NeuVector polled more than 1,200 enterprise DevOps professionals attending KubeCon EU 2021. More than 89% of these survey respondents have container deployments active, and 88% are planning additional container deployments in the next 6-12 months. Kubernetes is the most used orchestration platform among respondents, followed by Red Hat OpenShift and Rancher. AWS took the top three positions among cloud platforms used, with respondents naming AWS EC2, AWS EKS, and AWS Fargate as the most popular options. But most interestingly: while container and Kubernetes security was cited as a top concern, many respondents also reported that their current security tools and practices are not well-matched for meeting ongoing (and continually escalating) security requirements.

2021 EU Container Security Survey highlights:

  • Kubernetes runtime security is a growing concern

Almost three-fourths of respondents had concern over their Kubernetes runtime security - including their risk of network attacks, man-in-the-middle attacks, and cryptomining. While 64% report having visibility into the sensitive information being accessed from their Kubernetes environments, Kubernetes itself obfuscates some of this information through a layer of abstraction. In reality, many respondents who claim this visibility likely lack insights into Kubernetes API server access, pod-to-pod communication, the encryption status of connections, and other areas of concern. Survey responses also indicated confusion over what vulnerability scanning tools and additional cloud provider or vendor protections respondents have available, suggesting that many organizations are likely less protected than they might assume.

  • An over-reliance on built-in Kubernetes security policies is worrisome

Seventy-two percent of respondents rely on Kubernetes Network Policy (KNP) and/or Pod Security Policy (PSP) to protect their Kubernetes deployments. While these built-in policies offer basic security, they do not provide adequate protections to properly insulate organizations from risks. This is especially true with PSP, which was deprecated in June 2021. To achieve fully-reliable Kubernetes protections, organizations require more granular and automated Kubernetes-native security capabilities.

  • Organizations using Kubernetes across multiple clouds must address security implications

Most - 70% - respondents either have plans to scale their Kubernetes workloads across multiple clouds, or already do so. These multi-cloud deployments multiply an organization's security concerns by increasing the difficulty of managing security across platforms and policies across different clusters. These enterprises require a Kubernetes-native security strategy capable of deploying automated security and supporting each cloud and platform in use.

  • Compliance tool adoption lags, but remains essential
Just 20% of respondents have a compliance tool in place for their container and Kubernetes environments. This area in particular is a target for growth, as enterprises subject to regulations such as PCI-DSS, SOC-2, GDPR and others require automated compliance scanning and reporting capabilities in their production environments.

"Most respondents express concern over the security of their container environments, and especially their Kubernetes deployments in production," said Glen Kosaka, VP of Product Management, NeuVector. "But it's clear that concern needs to turn into action. Many are likely overestimating the capabilities of their current container security and compliance processes - and as headlines continue to show, container environments are an increasingly inviting target for attacks. We look forward to helping organizations better understand both their true security requirements and the reliable security capabilities available to fully protect their environments. Achieving end-to-end container security and maintaining application development velocity and agility is not an either-or decision that enterprises should have to make."

The complete survey report can be accessed here: https://go.neuvector.com/2021-security-survey-kubecon-eu
Published Thursday, August 19, 2021 11:51 AM by David Marshall
Filed under: , ,
Get This Featured White Paper: High Availability Clusters in VMware vSphere without Sacrificing Features or Flexibility
You may also be interested in this white paper: Powering Remote Game Development
Comments
Containers vs VM (Virtual Machines) - Which One is Better? : @VMblog - (Author's Link) - December 13, 2022 1:47 PM

PingBack from https://vmblog.com:443/archive/2022/11/28/containers-vs-vm-virtual-machines-which-one-is-better.aspx

To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
CTE2023
CC2023
big-5g
DTX2023
connected-america
unified-communications
kubecon-eu-2023
disrupt2023
vExpert
Calendar
<August 2021>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
2930311234