Today DevOps and security teams who deploy Kubernetes are forced to make a difficult choice between two security realities. They can either commit to a proprietary solution that they can’t adapt, access its code, influence the roadmap or contribute to its future. Or they can use open-source tools. But then they’ll end up attempting to integrate several of these tools together. This will add complexity to the monitoring and management of the Kubernetes environment, and will require a significant effort in order to get a single pane of glass view.
A difficult choice with no clear winner.
As Kubernetes now becomes a de facto standard for organizations who work on the cloud, this tough decision becomes more and more prevalent. In order to get a better understanding of this challenge, ARMO (the makers of Kubescape) decided to commission a global survey. More than two hundred Kubernetes users and admins participated from companies ranging in size from under 100 employees to more than 5,000. The survey respondents are software developers and stakeholders from cybersecurity teams, DevOps and DevSecOps.
- 55% of respondents are using open source for K8S security
- Almost a quarter are using 5 or more open source tools
- 69% said it’s difficult to integrate K8s security solutions into their existing stack
You’re welcome to dive right in and read all about it: https://landing.armosec.io/state-of-kubernetes-open-source-security-2022
By Jonathan Kaftzan
Source: CNCF Blog