[By Ratan Tipirneni, President and CEO, Tigera]
Cloud computing and the use of cloud-native architectures enable unmatched performance, flexibility, velocity, and innovation. But as enterprises and small businesses increasingly use containers and distributed applications, threat actors are becoming increasingly sophisticated. For example, new Distributed Denial-of-Service (DDoS) attack techniques have emerged that target cloud-native and Kubernetes-based applications. Recently disclosed security flaws discovered in Kubernetes could have been exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster.
Doubling down on security has never been more critical as the threat landscape continues to worsen and evolve. Against this backdrop, Tigera polled more than 1,200 users of Calico Open Source, the most widely adopted container security and network solution, to gauge what capabilities IT professionals need for container security and networking.
Survey respondents, including those responsible for DevOps, architecture, or IT operation and infrastructure at their organizations, shared that they use Calico Open Source primarily for Kubernetes networking and security. The State of Calico Open Source: Usage & Adoption report revealed that the critical capabilities driving the adoption of container networking and security solutions include:
- Scalable networking (35%)
- Security policies (35%)
- Interoperability across different environments (33%)
- Encryption capabilities (30%)
Poor network visibility in Kubernetes clusters and workloads can cause misconfigurations, which can lead to catastrophic consequences like ransomware attacks, exposure of sensitive data, denial of service (DoS) attacks, and unauthorized lateral movement. Another recent industry report, Red Hat’s State of Kubernetes Security, revealed that almost half of respondents experienced one or more of these issues in the last year. This underscores the critical need for visibility at the workload level to identify and mitigate misconfigurations and threats that traditional perimeter-based security solutions cannot identify.
Network security policy creation and deployment is driven by the need for workload access control and secure egress access. In fact, the report revealed workload access policies that limit pod-to-pod communication as the most popular type of security policy Calico users deploy, followed by policies for secure egress access.
- Workload access policies that limit pod-to-pod communication (61%)
- Secure egress access policies (41%)
- Microsegmentation policies (24%)
- Compliance (8%)
The State of Calico Open Source: Usage & Adoption Report findings show that developers understand the importance of robust workload-centric network security for Kubernetes workloads. Eighty-five percent of users said they needed to achieve network segmentation and protect east-west traffic. IT leaders need enhanced security controls at the workload level to limit pod-to-pod communication, reducing the risk of lateral movement of threats and contributing to compliance efforts. What’s more, egress access controls allow users to adopt a default-deny posture that helps protect against data exfiltration threats.
Container security requires a multi-layered approach that includes security measures at different levels, including the network, host, and application layers. Network security reduces the attack surface, which is a key way to protect containers.
Vulnerability management, configuration management, and deploying a runtime security solution are critical. Security teams must ensure their runtime security tools can rapidly identify and mitigate any intrusion attempts, or risk serious consequences.
Overall, a defense-in-depth strategy is designed to offer more comprehensive protection against different types of attacks. The goal of this approach is to make it more challenging for attackers to penetrate an organization’s defenses and to limit the damage if an attack does occur. The report findings demonstrate that today’s technology professionals understand the importance of deploying solutions that help them achieve security in an increasingly challenging threat landscape.
Author Bio
Ratan Tipirneni is President & CEO at Tigera, where he is responsible for defining strategy, leading execution, and scaling revenues. Ratan is an entrepreneurial executive with extensive experience incubating, building, and scaling software businesses from early stage to hundreds of millions of dollars in revenue. He is a proven leader with a track record of building world-class teams.
