A survey of 600 DevOps, engineering, and application security professionals revealed significant security challenges in cloud-native application development, reports Cloud Native Now.
The Red Hat poll found that 67% of organizations have delayed or slowed their application development due to security concerns. In the past year, 89% of respondents experienced at least one security incident, with 45% encountering runtime incidents and a nearly equal percentage facing issues during the build and deployment phases.
Notably, 40% detected misconfigurations in their container or Kubernetes environments, and 26% failed an audit. However, only 42% of respondents said they consider container and Kubernetes security as their leading concern, with an equal percentage acknowledging insufficient security capabilities. Additionally, 48% reported that they are in the early stages of adopting DevSecOps practices, and 33% believe existing security solutions hinder development. They respondents said that key supply chain risks include software vulnerabilities at 44%, open-source software at 33%, and untrusted content at 33%. Fifty-seven percent detected vulnerable components in their supply chain, and 52% reported unauthorized processes.
