Container security concerns escalate
86% of IT decision makers say their companies already deploy containers, or they plan to do so within a year, according to Twistlock. Of these, 35% said containers are already broadly deployed across their networks.
91% of respondents said they are concerned about container security, and half are “very” or “extremely” concerned. Of those who do not use containers in their data center, 81% said the addition of in-container security would prompt them to adopt a container strategy. The survey, conducted in August, netted 272 responses from across North America.
Containers, such as those by Docker and CoreOS, are a method of deploying applications faster and more cost-effectively than traditional means. Container technologies have become a phenomenon of late, with Docker rising rapidly in popularity and market share.
The survey found that Docker is the predominant source for container images – more than 98% of those who are using containers said they use Docker hub or Docker Trusted Registry as image source.
The three container security features that respondents said they would most-benefit from are:
- The ability to ensure that all containers have a consistent security model from development through production (83%)
- Preventing development mistakes from reaching production (82%)
- Detecting vulnerabilities in containers (80%).
“This survey shows what Twistlock has known all along—that even though containers are accessible and easy to deploy, many companies do not have a good grasp of how to manage container security. This remains a major adoption hurdle that is keeping data centers from migrating to containers completely” said Ben Bernstein, CEO of Twistlock.
The survey also found that nearly 55% of respondents have 100 or more containers in production and 49% have more than 100 container images. In addition, virtual machines remain a popular platform to run containers – 62% said they run containers on top of VMs, with VMware as the top platform choice. In contrast, only 17% said they run containers on bare metal servers.