Accelerating Cloud-Native Development Brings Opportunities and Challenges for Enterprises
August 16, 2022

Ratan Tipirneni

By 2025, Gartner estimates that over 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021. This momentum of these workloads and solutions presents a significant opportunity for companies that can meet the challenges of the burgeoning industry.

As digitalization continues pushing applications and services to the cloud, many companies discover that traditional security, compliance and observability approaches do not transfer directly to cloud-native architectures. This is the primary takeaway from Tigera's recent The State of Cloud-Native Security report. As 75% of companies surveyed are focusing on cloud-native application development, it is imperative that leaders understand the differences, challenges, and opportunities of cloud-native environments to ensure they reap the efficiency, flexibility, and speed that these architectures offer.

Containers: Rethinking Security

The flexibility container workloads provide makes the traditional ‘castle and moat' approach to security obsolete. Cloud-native architectures do not have a single vulnerable entry point but many potential attack vectors because of the increased attack surface. Sixty-seven percent of companies named security as the top challenge regarding the speed of deployment cycles. Further, 69% of companies identified container-level firewall capabilities, such as intrusion detection and prevention, web application firewall, protection from "Denial of Service" attacks, and deep packet inspection as the top need for network security for cloud-native applications.

To overcome many threat vectors, companies must implement a zero-trust approach early in development to reduce the attack surface. This approach should start with a deny-all mechanism that only orchestrates communication between various workloads where and when it is necessary.

A zero-trust strategy reduces the attack surface and limits the blast radius of any potential intrusion by preventing bad actors from weaseling their way deeper into more vulnerable and sensitive areas of the application, data and infrastructure. With this security foundation in place, IT teams can confidently move forward to deployment and layer in additional mitigating controls to bolster their defenses further.

The Importance of Observability

To independently troubleshoot Kubernetes microservices issues today, DevOps and SRE teams must stitch together an enormous amount of data from multiple disparate systems that monitor infrastructure and service layers. Troubleshooting this way is a significant time sink for already stretched-thin DevOps teams. This challenge is reflected in Tigera's report, which found that nearly all (97%) survey respondents experience observability challenges when trying to secure their cloud-native applications, with 51% citing a lack of actionable insights, such as root cause and resolution recommendations, as the top challenge.

The difficulty of processing container-level data also plays a crucial role in meeting compliance requirements. More than 6 out of 10 (63%) respondents indicated that they must provide container-level information for compliance needs, but finding and correlating all relevant container data is a challenge that 77% of respondents faced when trying to meet container-level compliance requirements.

The complex nature of Kubernetes microservices deployments and the overwhelming amount of data generated makes it nearly humanly impossible to make sense of the data without machines to help diagnose and troubleshoot. This problem is only getting worse by the day, given the accelerating density of applications and the dynamic nature of cloud-native environments.

It's time we realize that existing tools are inadequate and re-imagine the solution for this critical observability problem. This can only be done effectively by applying machine learning and artificial intelligence (AI) to observability; in effect, deploying machines to de-bug machines. By automating dynamic monitoring processes, for example, we can create intelligent observability that converts telemetry data into actionable insights. We can use AI to analyze this data to identify problem patterns and create unique observability "snapshots" that can be used to build reference templates, which can be cataloged and accessed by troubleshooting teams when issues arise. This will enable DevOps and security teams to reappropriate the time spent troubleshooting toward more productive activities.

The Future of Cloud Native

We are still early in the process of fully addressing the challenges that this new evolution will bring. Much as these architectures continue to mature, so too does the sophistication of bad actors' intrusion techniques. This makes the ideal cloud-native stack a moving target, and all stakeholders must be willing to adapt as we move forward.

That said, we have already learned a lot that will be instrumental in repelling bad actors. Much of these best practices come down to where one starts. We have already mentioned the importance of building from a base principle of zero trust. But even before that point, teams starting this journey should ensure they are working with partners that are tailor-made for cloud-native environments. Only these partners can understand and enable the collaboration needed between the many personas involved with developing, deploying and securing cloud-native architectures.

Ultimately, the benefits of cloud-native architectures far outweigh the solvable challenges. Cloud-native will increase innovation velocity as enterprises can push out applications and services faster using pre-built components. This will profoundly impact the entire software ecosystem and put the current industry goliaths on their toes as they face competition from more agile disruptors. This is the ecosystem we are moving toward, and identifying and working through the challenges we've discussed here is a critical component of building that ecosystem in a healthy, sustainable way.

Ratan Tipirneni is President and CEO of Tigera
Share this

Industry News

September 20, 2023

Oracle announced new application development capabilities to enable developers to rapidly build and deploy applications on Oracle Cloud Infrastructure (OCI).

September 20, 2023

Sonar announced zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud.

September 20, 2023

DataStax announced a new JSON API for Astra DB – the database-as-a-service built on the open source Apache Cassandra® – delivering on one of the most highly requested user features, and providing a seamless experience for Javascript developers building AI applications.

September 19, 2023

Oracle announced the availability of Java 21.

September 19, 2023

Mirantis launched Lens AppIQ, available directly in Lens Desktop and as (Software as a Service) SaaS.

September 19, 2023

Buildkite announced the company has entered into a definitive agreement to acquire Packagecloud, a cloud-based software package management platform, in an all stock deal.

September 19, 2023

CrowdStrike has agreed to acquire Bionic, a provider of Application Security Posture Management (ASPM).

September 18, 2023

Perforce Software announces BlazeMeter's Test Data Pro, the latest addition to its continuous testing platform.

September 18, 2023

CloudBees announced a new cloud native DevSecOps platform that places platform engineers and developer experience front and center.

September 18, 2023

Akuity announced a new open source tool, Kargo, to implement change promotions across many application life cycle stages using GitOps principles.

September 14, 2023

CloudBees announced significant performance and scalability breakthroughs for Jenkins® with new updates to its CloudBees Continuous Integration (CI) software.

September 14, 2023

JFrog unveiled new capabilities that set the standard for quality, security, MLOps and integrity of software releases.

September 14, 2023

Enea launched the Enea Qosmos Threat Detection SDK.

September 13, 2023

Check Point® Software Technologies Ltd. announced the completion of its acquisition of Perimeter 81, a pioneering Security Service Edge (SSE) company, with a team of over 200 employees that serves more than 3,000 customers worldwide.