News
Tigera Releases The State of Cloud-Native Security Report, Revealing Key Challenges and Opportunities that Accompany the Rapid Adoption of Cloud-Native Applications
May 2022 by Tigera
Tigera released the findings of its first The State of Cloud-Native Security market report. The report reveals key insights from security and IT professionals around the world, shedding light on the opportunities and challenges enterprises face with containers and cloud-native applications, with a particular focus on security, observability, and compliance.
Growth in cloud-native workloads surged with the rapid digitalization caused by the pandemic and the need for more agile, powerful development tools. By 2025, Gartner estimates that over 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021. This trend is reflected in Tigera’s new report, which found that 75% of companies are focusing development on cloud-native applications. The increased development and deployment of cloud-native applications also creates the need for more advanced observability and security capabilities.
"Organizations are only just beginning to unlock the potential of cloud-native applications," said Ratan Tipirneni, President and CEO, Tigera. "At the same time, however, these unprecedented innovations have created unforeseen challenges–evidenced by the majority of IT professionals naming security as a top challenge when it comes to cloud-native application deployment cycles. At Tigera, we’re proud to provide today’s developers, DevOps engineers, platform engineers, and security teams with the solutions they need for full-stack observability for containers, Kubernetes, and cloud, and we are committed to listening to our users and developing products to meet their needs."
Survey Key Findings
The State of Cloud-Native Security report results showcase the rise in cloud-native development while identifying barriers and areas where organizations need support as they start or continue their cloud-native journey.
Cloud-native applications are gaining momentum but also present security, compliance, and observability issues.
• 97% of companies reported observability challenges with cloud-native applications
• 96% of companies said that cloud-native application challenges are leading to slower deployment cycles, with 67% naming security as the top challenge
• 69% of companies identified container-level firewalls (IPS/IDS, WAF, DDoS, DPI, etc.) as the top need for network security for cloud-native applications
• 76% of organizations need runtime visualization for cloud-native applications
Organizations require security solutions for runtime, access, and networking for containers.
• 99% of companies indicated containers require access to other applications and services
• 98% need container security, with runtime security topping the list
• 99% of companies require network security for containerized applications
Cloud-native and container compliance requirements are driving delays and challenges for organizations.
• 87% of companies said meeting compliance requirements is critical for their company, and 84% of respondents said that meeting compliance requirements for cloud-native applications is challenging
• 95% said they have compliance requirements for cloud-native applications
• 63% of companies must provide container-level information for compliance requirements
• 90% said audit reports are challenging to produce
Cloud-Native Security Solution Adoption in 2022
Adopting tools that increase visibility and provide security at the container, application, and network levels can help enterprises address cloud-native security, including threat prevention by reducing the application attack surface; threat detection by monitoring for both known and unknown threats; and threat mitigation by quickly resolving risks from exposure. These tools remove barriers and delays during development and deployment while also reducing the risk of delayed time to market, security vulnerabilities, and compliance violations.
In keeping with market needs, Tigera’s recent updates to Calico Cloud deliver a complete unified solution for active cloud-native application security across build, deploy, and runtime stages. Calico Cloud is built for cloud-native architecture, maintaining and running infrastructure-as-code. With its integrated policy engine, Calico Cloud mitigates the risk of exposure by deploying corrective security policies as code that can alert, pause, quarantine, or terminate pods. These native extensions enable security and observability-as-code for easy and consistent enforcement across environments.
Survey Respondents
The report yielded responses from 304 security and IT professionals globally (those with direct container responsibilities).
