How and Why Kubernetes Complicates Security
Description
How and Why Kubernetes Complicates Security
This IDC Perspective discusses Kubernetes security. Securing Kubernetes though is not like securing servers or applications. Kubernetes totally changes the rules of the game as applications move from monolithic to microservices based, changing applications to include hundreds or even thousands of loosely coupled services that are dynamic, ephemeral, and highly distributed. Modern application development (agnostic of VM or container architectures) requires the ability to build security into applications. Rather than the detection and blocking approaches of the past, the security must be implemented as an integrated component of the application, addressing a vulnerability or configuration issue natively as part of the application development process. "Buyers looking for Kubernetes security solutions need to keep the requirements of microservices security protection in mind. The 'bolted-on' and 'whack-a-mole' approaches are a thing of the past. Security should be embedded throughout the container life cycle. This means that buyers need to fundamentally change their approach to security, embracing embedded security in the application development process, an approach referred to as 'shift left.' Shift left requires one to think less about security products and more about continuous security processes." — Frank Dickson, program vice president, Security and Trust at IDC.
Please Note: Extended description available upon request.
This IDC Perspective discusses Kubernetes security. Securing Kubernetes though is not like securing servers or applications. Kubernetes totally changes the rules of the game as applications move from monolithic to microservices based, changing applications to include hundreds or even thousands of loosely coupled services that are dynamic, ephemeral, and highly distributed. Modern application development (agnostic of VM or container architectures) requires the ability to build security into applications. Rather than the detection and blocking approaches of the past, the security must be implemented as an integrated component of the application, addressing a vulnerability or configuration issue natively as part of the application development process. "Buyers looking for Kubernetes security solutions need to keep the requirements of microservices security protection in mind. The 'bolted-on' and 'whack-a-mole' approaches are a thing of the past. Security should be embedded throughout the container life cycle. This means that buyers need to fundamentally change their approach to security, embracing embedded security in the application development process, an approach referred to as 'shift left.' Shift left requires one to think less about security products and more about continuous security processes." — Frank Dickson, program vice president, Security and Trust at IDC.
Please Note: Extended description available upon request.
Table of Contents
11 Pages
- Executive Snapshot
- Situation Overview
- Advice for the Technology Buyer
- Considering K8s Security Solutions
- Visibility
- Analytics
- Cloud Security Posture Management Personas
- Response and Remediation
- Guidance for the CIO
- Learn More
- Related Research
- Synopsis
Pricing
Currency Rates
Questions or Comments?
Our team has the ability to search within reports to verify it suits your needs. We can also help maximize your budget by finding sections of reports you can purchase.
