Facing the Security Challenges of Cloud-Native Applications
June 14, 2022

Growth in cloud-native workloads surged with the rapid digitalization caused by the pandemic and the need for more agile, powerful development tools. By 2025, Gartner estimates that over 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021.

Three-quarters (75%) of companies are focusing development on cloud-native applications, according to the The State of Cloud-Native Security report from Tigera.

The increased development and deployment of cloud-native applications also creates the need for more advanced observability and security capabilities.

"Organizations are only just beginning to unlock the potential of cloud-native applications," said Ratan Tipirneni, President and CEO, Tigera. "At the same time, however, these unprecedented innovations have created unforeseen challenges–evidenced by the majority of IT professionals naming security as a top challenge when it comes to cloud-native application deployment cycles."

Cloud-native applications are gaining momentum but also present security, compliance, and observability issues:

■ 97% of companies reported observability challenges with cloud-native applications.

■ 96% of companies said that cloud-native application challenges are leading to slower deployment cycles, with 67% naming security as the top challenge.

■ 69% of companies identified container-level firewalls (IPS/IDS, WAF, DDoS, DPI, etc.) as the top need for network security for cloud-native applications.

■ 76% of organizations need runtime visualization for cloud-native applications.

Organizations require security solutions for runtime, access, and networking for containers:

■ 99% of companies indicated containers require access to other applications and services.

■ 98% need container security, with runtime security topping the list.

■ 99% of companies require network security for containerized applications.

Cloud-native and container compliance requirements are driving delays and challenges for organizations:

■ 87% of companies said meeting compliance requirements is critical for their company, and 84% of respondents said that meeting compliance requirements for cloud-native applications is challenging.

■ 95% said they have compliance requirements for cloud-native applications.

■ 63% of companies must provide container-level information for compliance requirements.

■ 90% said audit reports are challenging to produce.

Adopting tools that increase visibility and provide security at the container, application, and network levels can help enterprises address cloud-native security, including threat prevention by reducing the application attack surface; threat detection by monitoring for both known and unknown threats; and threat mitigation by quickly resolving risks from exposure. These tools remove barriers and delays during development and deployment while also reducing the risk of delayed time to market, security vulnerabilities, and compliance violations.

Methodology: The report yielded responses from 304 security and IT professionals globally (those with direct container responsibilities).

Share this

Industry News

September 22, 2022

Katalon announced the launch of the Katalon Platform, a modern and comprehensive software quality management platform that enables teams of any size to easily and efficiently test, launch, and optimize apps, products, and software.

September 22, 2022

StackHawk announced its Deeper API Security Test Coverage release.

September 21, 2022

Platform9 announced the launch of its latest open source project, Arlon.

September 21, 2022

Redpanda Data announced Redpanda Console.

September 21, 2022

mabl announced its availability as a private listing on Google Cloud Marketplace.

September 21, 2022

Zesty announced a $75 million Series B funding round led by B Capital and Series A investor Sapphire Ventures.

September 20, 2022

Opsera, the Continuous Orchestration platform for DevOps, announced a free trial of its no-code Salesforce Release Management platform for fast and secure Salesforce releases.

September 20, 2022

Sysdig announced ToDo and Remediation Guru.

September 20, 2022

AutoRABIT announced CodeScan Shield.

September 19, 2022

Akuity.io announced the general availability of the Akuity Platform, a fully-managed SaaS service for simpler, safer and faster Kubernetes application delivery, using Argo.

September 19, 2022

Rocket Software launched Rocket® Support for Zowe, a supporting offering for the Open Mainframe Project’s Zowe® open-source framework for z/OS® and its multiple modern interfaces.

September 19, 2022

Appfire announced the acquisition of German company 7pace.

September 15, 2022

Dell Technologies is expanding its long-standing strategic relationship with Red Hat to offer new solutions that simplify deploying and managing on-premises, containerized infrastructure in multicloud environments.

September 15, 2022

Postman announced Postman v10, the most significant upgrade to the platform in almost a year, offering new features around API governance and security, as well as expanded capabilities in collaboration and integration—and higher productivity than ever.

September 15, 2022

Harness announced the general availability of fully managed Harness GitOps-as-a-Service to enable enterprise continuous delivery (CD) workflows for application and infrastructure deployments.