Sysdig Usage Report Finds Shifting Container Security Left is Not Enough
Sysdig, Inc., the secure DevOps leader, today announced findings from its Sysdig 2021 Container Security and Usage Report. While usage reveals organizations are shifting left by scanning images during the build phase, DevOps teams are still leaving their environments open to attack. The report also looks at trends, finding a 310 percent growth in container density since 2017.
The fourth annual report reveals how global Sysdig customers of all sizes and across industries are using and securing container environments. This real-world, real-time data provides insight into usage of the nearly one billion containers Sysdig customers run yearly, including security risks, container utilization, and services used. Read the Sysdig 2021 Container Security and Usage blog.
Among its findings, the report states that while 74 percent of customers are scanning before deployment, more than half (58 percent) of containers are still running as root. Some containers should run as root, security and system daemons for example, but these are a small portion of total containers. These risky configurations give an attacker an easy path to compromise the system and access sensitive data. This finding stresses the need for security throughout the lifecycle of a container image: fixing vulnerabilities is not enough.
Highlights From the Report
Container density grows 170% since 2018
Over the past three years, the median number of containers-per-host more than doubled from 15 in 2018 to 41 today, indicating a growth in efficiency and a shift in cost savings as containers mature. This reveals a continued focus on optimization.
Prometheus continues to grow, 35% YoY
Open source adoption is broader than just Kubernetes as organizations are shifting toward Prometheus as the standard approach to monitoring container environments. The use of Prometheus metrics among Sysdig customers grew 35 percent year-over-year.
Docker down, containerd and CRI-O up 4X
In 2017, Docker represented 99 percent of containers in use. Today, that number has fallen to 50 percent, down from 79 percent in October 2019. While Docker revolutionized containers, organizations are rapidly switching to newer runtimes like containerd and CRI-O.
21% of containers live less than 10 seconds
The ephemeral nature of containers is a unique efficiency advantage, yet it can be a challenge in managing issues around security, health, and performance. The short life of containers reaffirms the need for container-specific tools for security and monitoring. For example, organizations need metric collection with intervals of less than 10 seconds and a detailed record of what occurred when the container was alive.
“With the high-profile breaches we are seeing and the accelerated adoption of containers in production, the container security risk is now on the radar of CISOs. Across millions of containers that we have studied, it’s clear that organizations are shifting security left, but they are neglecting critical best practices,” said Suresh Vasudevan, chief executive officer of Sysdig. “Container security has to span the entire software development lifecycle. Until organizations fix risky configurations, protect their runtime environments, and invest in container forensics, we will see an increase in container security breaches. I expect we will see several high-impact breaches before we release our next report.”
Other Interesting Findings
- Falco, the open source runtime project for cloud-native environments created by Sysdig and donated to the CNCF, has seen a 300 percent increase in Docker Hub downloads over the last year.
- The use of golang increased to 66 percent, a 470 percent jump since last year.
- 63 percent of container images are replaced within two weeks or less, signifying a more frequent code deployment rate.
Learn More About this Report
- Download the full Sysdig 2021 Container Security and Usage Report.
- Download the infographic.
- Read the usage report blog.
- Join the webinar Real-World Insights: Dig into Sysdig’s Container Security and Usage Report on Jan. 21 at 10am PST to walk through the report with the author.
Sysdig is driving the secure DevOps movement, empowering organizations to confidently secure containers, Kubernetes, and cloud services. With the Sysdig Secure DevOps Platform, cloud teams secure the build pipeline, detect and respond to runtime threats, continuously validate compliance, and monitor and troubleshoot cloud infrastructure and services. Sysdig is a SaaS platform, built on an open source stack that includes Falco and sysdig OSS, the open standards for runtime threat detection and response. Hundreds of companies rely on Sysdig for container and Kubernetes security and visibility. Learn more at www.sysdig.com.
Amanda McKinney Smith