As enterprises and small businesses adopt containers and distributed applications more widely, threat actors are becoming more sophisticated.
Recently disclosed security flaws in Kubernetes could have been exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster.
Doubling down on security has never been more critical as the threat landscape continues to worsen and evolve.
Against this backdrop, Tigera polled more than 1,200 users of Calico Open Source, the most widely adopted container security and network solution, to gauge what capabilities IT professionals need for container security and networking.
Survey respondents, including those responsible for DevOps, architecture, or IT operations and infrastructure at their organizations, shared that they use Calico Open Source primarily for Kubernetes networking and security.
Poor network visibility in Kubernetes clusters and workloads can cause misconfigurations, which can lead to catastrophic consequences like ransomware attacks, exposure of sensitive data, denial-of-service attacks, and unauthorized lateral movement.
Another recent industry report, Red Hat's State of Kubernetes Security, revealed that almost half of respondents experienced one or more of these issues in the last year.
This underscores the critical need for visibility at the workload level to identify and mitigate misconfigurations and threats that traditional perimeter-based security solutions cannot identify.
Network security policy creation and deployment is driven by the need for workload access control and secure egress access.
The report found that workload access policies that limit pod-to-pod communication are the most popular type of security policy Calico users deploy, followed by policies for secure egress access.
Eighty-five percent of users said they needed to achieve network segmentation and protect east-west traffic.
IT leaders need enhanced security controls at the workload level to limit pod-to-pod communication, reducing the risk of lateral movement of threats and contributing to compliance efforts.
What's more, egress access controls allow users to adopt a default-deny posture that helps protect against data exfiltration threats.
Container security requires a multi-layered approach with security measures at the network, host, and application layers.
Network security reduces the attack surface, which is a key way to protect containers.
Vulnerability management, configuration management, and deploying a runtime security solution are critical.
Security teams must ensure their runtime security tools can rapidly identify and mitigate any intrusion attempts, or risk serious consequences.
Overall, a defense-in-depth strategy is designed to offer more comprehensive protection against different types of attacks.
The goal of this approach is to make it more challenging for attackers to penetrate an organization's defenses and to limit the damage if an attack does occur.
The report findings demonstrate that today's technology professionals understand the importance of deploying solutions that help them achieve security in an increasingly challenging threat landscape.
This Cyber News was published on www.cybersecurity-insiders.com. Publication date: Sun, 17 Dec 2023 00:13:05 +0000