Kubernetes appears to be a security nightmare because it’s extremely complex to use and people tasked with using it are having a hard time getting by, according to a report from Red Hat.
The company polled 300 DevOps, engineering and security professionals for the paper, and found that 55% had postponed an app launch due to security concerns.
Almost all (93%) had at least one security incident in their Kubernetes environment in the past 12 months, with a third (31%) experiencing either lost revenue or lost customers.
“Kubernetes and containers, while powerful, were designed for developer productivity, not necessarily security,” the report says. “For example, the default pod-to-pod network settings allow open communication to bring a cluster up and running quickly, at the expense of hardening security.”
Complex environments lead to misconfigurations, and misconfigurations lead to endpoint security incidents.
“Despite considerable media attention on cyberattacks, the report underscores that it is actually misconfigurations that are keeping IT pros up at night,” said Ajmal Kohgadai, product marketing manager at Red Hat. .
“Kubernetes is highly customizable, with various configuration options that can affect an application’s security posture. As a result, respondents were most concerned about exposures due to misconfigurations in their container and Kubernetes environments ( 46%) – nearly three times the level of concern about attacks (16%).”
However, this hardly hurts the image or popularity of Kubernetes. Open-source container orchestration software is used or considered by 96% of organizations, according to last year’s Cloud Native Computing Foundation report.
Red Hat seeks to solve the problem of human error by minimizing human interaction through automation, and to that end acquired StackRox last year. “The StackRox project aims to help simplify DevSecOps by integrating security capabilities into the development and deployment lifecycle, effectively moving application security ‘to the left’ in software building,” the company told Reuters. ‘era.
Via: The Registry