Containers, Kubernetes, and infrastructure-as-code increasingly define cloud computing environments. As these tools give developers scalable application performance that accelerates the pace of deployment, organizations have migrated quickly to distributed development environments in recent years. Between 2019 and Q4 of 2021, the use of containers in multi-cloud environments tripled from 29% to 97%. Presently, 50% of applications are containerized, and by the end of 2023, 70% of developers will be running multiple, containerized applications on distributed multi-cloud architectures.
Nevertheless, swift adoption trends in new technologies often precipitate a lag in security capabilities. At the end of Q2 this year, 93% of polled cloud and DevOps engineers reported having experienced a serious container security incident within the last 12 months, 55% of which delayed application deployments. Looking forward, organizations should evaluate what challenges and developments in container security are likely in store for 2023.
1. Misconfigurations Will Continue to Be the Top Container Security Risk
In the last year, detected container misconfigurations were the most common source of incidents that affected deployments for 53% of organizations, while runtime incidents and failed audits were reported by 30 and 22% of respondents respectively. As container deployment often puts developers in security roles they are likely untrained for, it’s unsurprising that 73% of developers report that their application teams have insufficient experience and knowledge of context to identify container and cloud vulnerabilities and misconfigurations.
2. Security and Infrastructure Teams Will Collaborate More to Secure Cloud Environments
Recent studies show that attackers can detect container vulnerabilities in less than five hours. While container vulnerabilities remain the top security concern for most organizations, success in preventing container-related incidents tracks directly – 59% of the time – with a collaborative, DevOps approach in which security and development teams both apply their distinct skill sets to deployment challenges.
3. Inhouse Skills and the Employment Market Will Set the Pace of New Technology Adoption
At the end of 2021, 90% of organizations reported either having adopted container orchestration technologies such as Kubernetes or making plans to do so. Nevertheless, the U.S. currently faces a skilled IT labor shortage of nearly half a million jobs and organizations have begun to feel the effect in 2022. According to recent polls, lack of in-house IT skills and scarcity in the job market is currently topping the list of barriers to the adoption of new platforms and technologies.
Monitoring Expected Deployment Behavior with Spyderbat
Spyderbat’s eBPF-based runtime monitoring and security platform rewrites the script for securing container and multi-cloud environments. With advanced preventative measures for anticipating all possible misconfigurations reaching the point of diminishing returns, security and DevOps teams need enhanced visibility into live system behaviors in and between containers and clouds. Spyderbat uses eBPF to capture pertinent of activities within and across your ephemeral containers – and represents them in a visual UI where analysts trace causal connections in real time and historically. In addition to Runtime Visibility, Additionally, Spyderbat’s Runtime Delta allows teams to codify expected workload behaviors to recognize when runtime deviations occur. Lastly, Spyderbat’s Runtime Intrusion Prevention assesses live traces of causally-related activity to recognize the connections of multiple suspicious activities, even when separated by different user sessions, systems, and long periods of time, to accurately detect and actively contain attacks.
To learn more and schedule a live demo, contact Spyderbat today.
Write a comment