With so much interest in DevOps and continuous integration and delivery, containers are a natural. However, security is a sticking point. Security professionals are expressing concern about the security of technology containers, beloved for their flexibility and agility, now being implemented en masse across enterprises. That’s the takeaway from a recent survey of 311 IT security professionals published by Tripwire. “As DevOps continues to drive increased use of containers, security teams are struggling to secure these new assets and processes,” the report’s authors state. As many as 94 percent are concerned about container security, and 60 percent report they have had container security incidents in the past year. Another 47 percent have vulnerable containers in production. Another 46 percent simply don’t know if they do. Looking forward, 71 percent expect they will see container-related security incidents at their enterprises over the coming year. At least 42 percent say they even have attempted to put the kibosh on container projects over the past year in an effort to reduce security exposures. Here are steps and solutions security pros want to see for locking down containers: Incident detection and response for containers and infrastructure 52% Isolate containers that behave abnormally 49% More security-focused monitoring of container infrastructure 48% Greater visibility into container risk 48% Monitor containers for drift or behavior changes 45% Attack-blocking technologies for containers 45% Artificial intelligence security analytics for containers 40% Blockchain 22% We don’t want anything special for container security 2% So, why are containers such much… [Read full story]
ZDNet is a business technology news website published by CBS Interactive, along with TechRepublic. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication owned by CNET Networks.