Container and Kubernetes security company StackRox has released a new report looking to understand how adoption of these technologies affects security concerns.
The State of Container Security report finds that more than a third of organizations worry thattheir strategies don't adequately address container security.
In addition 15 percent believe their strategies don't take seriously enough the threat tocontainers and Kubernetes deployments, and more than a third of respondents haven’t started or are just creating their security strategy plan.
The main concern, cited by 54 percent of respondents, is risks driven by misconfigurations and accidental exposures. Also 44 percent, indicate that shifting to runtime from build and deploy is the phase they are most concerned about from a security perspective.
There are concerns surrounding infrastructure too with 70 of respondents running some containers on premise and 32 percent running only on premise. About 40 percent of respondents are running containers in hybrid environments, both on premise and in the cloud, and just under 30 percent of respondents are running them only in the cloud.
When asked who in the organization should take lead running container security, DevOps andDevSecOps are the top responses.
"The influence of DevOps and the fast uptake in containerization and Kubernetes have madeapplication development more seamless, efficient and powerful than ever. Yet, our surveyresults show that security remains a significant challenge in enterprises’ container strategies,"says Kamal Shah, StackRox's CEO. "Containers provide a natural bridge for collaborationbetween DevOps and security teams but they also introduce unique risks that, if left unchecked,can create real risks for the enterprise."
The full report is available to download from the StackRox website.
Image credit: maninblack / depositphotos.com