With cloud-native applications growing increasingly popular, they can significantly help with security, observability and compliance.
With more and more organizations accelerating their digital transformation efforts, there has been a steady surge in the development of cloud-native applications. It has also led to an increase in digital workloads as it is being deployed using cloud-native containers and platforms. But, utilizing cloud-native containers and platforms is not without its challenges. As per a recent report from Tigera titled “State of Cloud-Native Security” report, 96% of the respondents in the survey stated that security, Compliance and observability are the top three challenges factors of cloud-native applications, based on a survey of 304 security and IT professionals across the globe. While the respondents perform different roles across multiple, all of them are directly responsible for working with containers.
Among those surveyed, 75% stated that their organization had concentrated most of its development efforts on cloud-native applications. But, given the dynamic nature and often transitory nature of the cloud, they also acknowledged several challenges in their initiative. Moreover, 68% of respondents cited container security as their greatest challenge, followed by network security (60%) and Compliance (57%), while observability was mentioned by about 39%.
Such challenges often end up slowing down cloud-native application deployments for many organizations. When asked which aspects are the biggest challenges when deploying, 67% stated security requirements, while 56% pointed to compliance requirements and 44% mentioned a lack of automation.
The survey results also showed that organizations are seeking to reduce the application attack surface and quickly identify threats. They should view workload-based IDS/IPS, DPI, DDoS protection and WAF (69%), workload access controls (59%) as well as micro segmentation (43%) as the top network security capabilities they need.
To address the security concerns that emerge with cloud-native applications, respondents cited they should reduce application attack surfaces as well as quickly identify threats. Toward that end, respondents said they need a number of tools that could help them, including container-level firewalls, workload access control, micro segmentation as well as infrastructure entitlement management. Furthermore, to get better insights into their cloud-native applications, the respondents expressed a need for specific tools and technologies.
Around 76% of the respondents stated that they require a runtime visualization of their environment to view and understand behaviors and interactions. 57% of the respondents want to detect performance hotspots, while 47% said they need a better way to capture dynamic packets.
Most respondents state observability issues as the most frustrating. 51% of the respondents cited the lack of actionable insights. Meaning they have no way to determine the root causes of an issue or recommendations to resolve it. Moreover, 43% of the respondents pointed to not having visibility into micro-services. Meaning they are unable to see interactions and dependencies among their applications.
The report from Tigera highlights that the move to cloud-native applications has strong momentum. However, organizations need tools to increase visibility while providing security at the container, application, and network levels. These tools also need to remove any barriers as well as delays during development and deployment. They should also reduce the risk of delayed time-to-market, security vulnerabilities and compliance violations.