The State of Kubernetes {Open-Source} Security
Securing Kubernetes environments with open source tools has become increasingly prevalent. Read all you need to know about this shift in ARMO’s detailed report.
Attackers quickly realize Kubernetes is becoming the clear choice for cloud-native organizations. This new reality forces those businesses to make a difficult security decision. They can either integrate several fragmented open-source tools or go proprietary. This report dives deep into this conflict and investigates it thoroughly.
Over half of respondents use open source for K8s security
But…95% of whom struggle with using open source solutions.
Alternatively, 97% of respondents experience challenges with K8s proprietary solutions.
70%
struggle with a proprietary “black box” software, limiting users control, customization and oversight
struggle with a proprietary “black box” software, limiting users control, customization and oversight
Almost a quarter of respondents use 5 or more open source tools
Integration challenges are
a major inhibitor of open source technology
69% said it's difficult to integrate K8s security solutions into their existing stack, especially for those who are using multiple open source tools.
.png "Chart 2 (1)")
Strong security hygiene reported but there are some reality gaps
.png "Metric box (1)")
.png "Metric box (2)")
Leading to a misalignment between leadership's perception of security management and the reality of scans performed.
For K8s security open source solutions to succeed, it needs to evolve. It will have to support better integration with the existing DevOps technology stack. It will also need to offer seamless initial set up and ongoing management of the open source tool. Without these changes, open source adoption won't materialize its full potential.
Methodology
ARMO commissioned this global survey in order to get a deeper understanding of the relationship between open source and Kubernetes security. The survey included 200 K8s users, admins and DevSecOps in companies ranging in size from under 100 employees to more than 5,000. The survey respondents were software developers, and stakeholders from cybersecurity, DevOps and DevSecOps teams. 57% of participants were from North America, 39% from Europe, and 14% from APAC. The respondents were recruited through a global B2B research panel, and invited via email to complete the survey. Global Surveyz, an independent survey company, completed the survey which took place during July and August 2022.
The DevOps’ leading open-source K8s Security platform. Free Forever.
Experience effective, end-to-end, from dev to production, K8s protection:
- Manage Kubernetes role-based-access control (RBAC) visually
- Eliminate misconfigurations and vulnerabilities from your CI/CD pipeline - from YAML to cluster
- Full K8s security compliance in a single dashboard