
ESG Brief - Container Security

Issue link: https://resources.threatstack.com/i/1024787


ESG Brief

The Role of DevSecOps in Automating Application Container Security

Date: June 2018

Author: Doug Cahill, Senior Analyst; Edwin Yuen, Analyst; and Bill Lundell, Director of Research

Abstract: The rapid adoption of application containers is creating a new set of cybersecurity challenges and, as a result, an expanded set of requirements for server workload security solutions. Research conducted by ESG shows that containers are moving quickly into production with a side effect of sprawl, as previously experienced by IT departments with the advent of virtual machines. Exploit attacks experienced by many organizations have created concerns about how application container environments—including registry-resident images and orchestration platforms—expose a new set of software, configuration, and access vulnerabilities. ESG research also reveals a strong interest in automating security via DevOps ("DevSecOps") and shows how these practices allow cybersecurity and operations teams to integrate security in each stage of the continuous integration and continuous delivery (CI/CD) pipeline that governs the build-ship-run phases of the container lifecycle.

Container Adoption Is Increasing Server Type Heterogeneity

While some in IT believe that the use of containers is limited to test and development, and that production use is just beginning, ESG's research indicates that container use in production is fairly widespread. Indeed, according to the aforementioned research, ESG found that 56% of organizations are already deploying containers in a production capacity, with 13% reporting extensive production deployments, and another 24% intending to go into production in the next 12 months. [1] These results show that containers are becoming a common production workload deployment option coexisting with virtual machines and bare metal servers, yielding an increasingly heterogeneous mix of server types. ESG also found that containers currently represent 19% of the average production server mix, growing to 33% over the next two years. The adoption of application containers has served to increase server type heterogeneity, which can have the unintended effect of complicating cybersecurity objectives.

[1] Source: ESG Brief, The Growth in the Use of Application Containers, May 2018.

© 2018 by The Enterprise Strategy Group, Inc. All Rights Reserved.

Enterprise Strategy Group | Getting to the bigger truth.™
