target audience: TECH BUYER Publication date: Jan 2022 - Document type: IDC Perspective - Doc Document number: # US48636721
How and Why Kubernetes Complicates Security
Content
List of Figures
Get More
When you purchase this document, the purchase price can be applied to the cost of an annual subscription, giving you access to more research for your investment.
Related Links
Abstract
This IDC Perspective discusses Kubernetes security. Securing Kubernetes though is not like securing servers or applications. Kubernetes totally changes the rules of the game as applications move from monolithic to microservices based, changing applications to include hundreds or even thousands of loosely coupled services that are dynamic, ephemeral, and highly distributed. Modern application development (agnostic of VM or container architectures) requires the ability to build security into applications. Rather than the detection and blocking approaches of the past, the security must be implemented as an integrated component of the application, addressing a vulnerability or configuration issue natively as part of the application development process.
"Buyers looking for Kubernetes security solutions need to keep the requirements of microservices security protection in mind. The 'bolted-on' and 'whack-a-mole' approaches are a thing of the past. Security should be embedded throughout the container life cycle. This means that buyers need to fundamentally change their approach to security, embracing embedded security in the application development process, an approach referred to as 'shift left.' Shift left requires one to think less about security products and more about continuous security processes." — Frank Dickson, program vice president, Security and Trust at IDC.