How and Why Kubernetes Complicates Security

How and Why Kubernetes Complicates Security

This IDC Perspective discusses Kubernetes security. Securing Kubernetes though is not like securing servers or applications. Kubernetes totally changes the rules of the game as applications move from monolithic to microservices based, changing applications to include hundreds or even thousands of loosely coupled services that are dynamic, ephemeral, and highly distributed. Modern application development (agnostic of VM or container architectures) requires the ability to build security into applications. Rather than the detection and blocking approaches of the past, the security must be implemented as an integrated component of the application, addressing a vulnerability or configuration issue natively as part of the application development process. "Buyers looking for Kubernetes security solutions need to keep the requirements of microservices security protection in mind. The 'bolted-on' and 'whack-a-mole' approaches are a thing of the past. Security should be embedded throughout the container life cycle. This means that buyers need to fundamentally change their approach to security, embracing embedded security in the application development process, an approach referred to as 'shift left.' Shift left requires one to think less about security products and more about continuous security processes." — Frank Dickson, program vice president, Security and Trust at IDC.

Please Note: Extended description available upon request.

Executive Snapshot
Situation Overview
Advice for the Technology Buyer
Considering K8s Security Solutions
Cloud Security Posture Management Personas
Response and Remediation
Guidance for the CIO
Learn More
Related Research

Download our eBook: How to Succeed Using Market Research

Learn how to effectively navigate the market research process to help guide your organization on the journey to success.

Download eBook
Cookie Settings