The State of Kubernetes Security in 2024

26 de junho de 2024Red Hat

The State of Kubernetes Security for 2024 report shows us that as the popularity of Kubernetes grows, the more important security planning and tooling becomes. Our annual report examines some of the most common cloud-native security challenges and business impacts that organizations face today, helping us to better understand their practices and priorities.

The report is based on a survey of 600 DevOps, engineering and security professionals around the world in organizations ranging from small companies to large enterprises. It delivers insights into the following:

Specific security risks facing organizations and the steps they are taking to mitigate these risks.
The types and frequencies of security incidents that organizations experience in Kubernetes environments.
The distribution of Kubernetes security responsibilities across the organization.
Guidance for reducing risks throughout application lifecycles.

Check out some of the highlights below and download the full report to learn more about the findings, as well as learn three tips for increasing the security of your cloud-native environments.

Security incidents can occur in all phases of the application lifecycle, and can be caused by a variety of issues. Despite the popularity of Kubernetes, many organizations are still cautious in their approach. Forty-two percent (42%) of respondents cite security as a top concern with container and Kubernetes strategies, noting the difficulties that can surface as security incidents, vulnerabilities, and misconfigurations at different stages of the application lifecycle.

Current container strategies present security-related concerns, with 42% of respondents suggesting that their company does not have sufficient capabilities in place to help address container security and related threats, particularly in light of the increased complexity that comes with modern computing environments.

What is your biggest concern about your company's container strategy?

Security issues continue to impact business outcomes, with 67% of respondents indicating that their companies delayed or slowed application development as a result of rising security concerns. The complexity of container-based Kubernetes environments is also a factor with which some organizations still struggle.

Have you ever delayed or slowed down application deployment into production due to container or Kubernetes security concerns?

DevSecOps practices are common across organizations, with 42% of respondents reporting DevSecOps initiatives in an advanced stage in their organization. Meanwhile, 48% of respondents say their organization values DevSecOps and is in the early adoption stage, with teams collaborating on policies and workflows. This marks a notable improvement from last year, when only 39% of respondents reported being at this stage.

Do you have a DevSecOps initiative in your organization?

Sobre o autor

Red Hat

The world’s leading provider of enterprise open source software solutions

Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies.

Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.

Read full bio