The latest edition of the State of Container and Kubernetes Security Report finds that 44% of respondents have delayed deploying cloud-native applications because of security concerns, delaying the deployment of cloud-native applications into production.
StackRox surveyed more than 540 IT professionals for this third version of its industry-first report. Roughly 25 percent of respondents serve in security or compliance roles, 20 percent in operations, and 45 percent in product development and engineering roles.
Additionally, the report found that 94% of the respondents have experienced security incidents in their container environments in the past 12 months.
The majority of those affected (69%) experienced a misconfiguration incident during runtime and 24% reported having had a major vulnerability to remediate.
“For the third time in a row, security leads the list of top concerns users have about container strategies,” StackRox wrote in a post that described the key findings. “However, container security strategies continue to mature, with the percentage of respondents who lacked any form of security strategy dropping 68 percent, from 19 percent to just 6 percent.”
While misconfigurations topped the list of concerns and incidents, respondents remain most concerned about the runtime phase of the container life cycle (56 percent) vs. build and deploy. Also, the percentage of organizations with fewer than 10% of their containers running in production fell from 39% to 28%.
“Organizations have executive buy in – the challenge is understanding the security and compliance requirements so that they can be addressed early in the application development life cycle and prevent delays to application deployment,” said Kamal Shah, CEO of StackRox.
The full report is available here.