Tripwire, Inc., on Monday announced the results of a study examining the security practices and concerns of container technology The study, conducted in partnership with Dimensional Research in November 2018, surveyed 311 IT security professionals who manage environments with containers at companies with over 100 employees. The survey found that 60 percent of respondents reported their organizations have experienced container security incidents in the past year.
However, of the 269 respondents who currently have containers in production, 47 percent said they deployed containers known to have vulnerabilities, while 46 percent said they deployed containers without knowing whether or not they had vulnerabilities.
Rise of DevOps exposes organizations to risk via container vulnerabilities
In addition, they study found that 75 percent of those with more than 100 containers in production have reported an incident, and 71 percent of the total respondents expect the rate of container security incidents to increase this year. Furthermore, 98 percent of respondents believe they need additional security capabilities, while only 12 percent believe they could detect a compromised container within minutes.
Finally, 42 percent have either delayed or limited container adoption due to security concerns. “Security can and should be embedded into the DevOps life cycle, incorporating vulnerability and configuration assessment of container infrastructure to monitor risks from build to production,” says Tripwire’s Tim Erlin.