Monday, 27th September 2021
Logo

97% of survey respondents still unaware of crucial container security principles

Aqua Security has released the results of its 2021 Cloud Native Security Survey revealing the knowledge gap around runtime security and the associated risks. The study found that only 3% of respondents recognise that a container, in and of itself, is not a security boundary, indicating that the default security capabilities of containers are overestimated. This result is especially alarming in conjunction with the fact that only 24% of respondents have plans in place to deploy the necessary building blocks for runtime security.

"The results of the survey showcase a staggering knowledge gap that leads to an underinvestment in a critical part of full lifecycle, end-to-end security for cloud native applications,” said Amir Jerbi, cofounder and CTO at Aqua. “When practitioners fail to implement a holistic approach with protecting their workloads at runtime, they are opening up their environments to attackers, since even the most complete ‘shift left’ vulnerability and malware detection cannot prevent zero-day attacks and administrator errors.”

The report demonstrates the difficulty and complexity of understanding key cloud native security risks, along with how to counteract them. Despite recent reports showing the increased sophistication of cloud native attacks, only 18% of respondents realise they are at risk for zero days in containerized environments.

Confidence vs. Reality

While 32% of respondents were confident in overall holistic runtime security protection, detailed questions revealed that less than 23% of respondents in fact had the necessary building blocks of runtime security in place.

Supply Chain Risks

A knowledge gap around workload protection has led to a striking number of practitioners who believe they are protected from supply chain attacks in production, but in fact are not. While 73% believed that they could stop software supply chain attacks evading static analysis, there was an apparent misconception about the role of runtime security in achieving this protection.

“There is a concerning overconfidence in the perceived ability to prevent supply chain attacks. The reality is that runtime security is essential because sophisticated supply chain attacks evade static analysis. We see unnamed attackers use legitimate vanilla images to download malicious elements at runtime, Kinsing malware that only downloads in runtime, and attackers like Team TNT who hide their malicious communications attacking our honeypots on daily basis,” said Jerbi.

Increasing Container Threats

In a recent threat report, Aqua found that attackers are becoming more proficient at hiding their methods and evading static scanning, while threats to container based environments have become more dangerous and more varied. Over a six-month period, Aqua observed honeypots being attacked 17,358 times, representing a 26% increase from just six months previously. The increasing volume of attacks demonstrates the importance of implementing holistic cloud native security, including runtime protection, in order to protect against attackers who have evaded detection and have access to the production environment.

"Holistic cloud native security should be every practitioner’s goal. It is not just about runtime security or any other one focus area. It is about ensuring the entire application life cycle is covered, from the build to the infrastructure and the workloads,” said Jerbi.



StepStone uses new safety system and cybersecurity awareness training to reduce phishing and imperso...
Security teams must rethink processes to aid innovation and customer experience.
Approximately 5.4 million DDoS attacks represent an 11% increase over 1H2020.
On average, UK organisations need an additional £1.88m and 22 new IT staff each to shorten the vulne...
Delivers Zero Trust OT/IT security approach for office and production networks.
New Tessian report reveals how two million emails, flagged as malicious, bypassed traditional email...
The move enables enterprises to securely adopt a SaaS-based security framework.
Study shows organisations are managing more than ten times the amount of data than they did five yea...