Sysdig Usage Report Finds Shifting Container Security Left is Not Enough
Sysdig, Inc., the secure DevOps leader, today announced findings from its Sysdig 2021 Container Security and Usage Report. While usage reveals organizations are shifting left by scanning images during the build phase, DevOps teams are still leaving their environments open to attack. The report also looks at trends, finding a 310 percent growth in container density since 2017.
The fourth annual report reveals how global Sysdig customers of all sizes and across industries are using and securing container environments. This real-world, real-time data provides insight into usage of the nearly one billion containers Sysdig customers run yearly, including security risks, container utilization, and services used. Read the Sysdig 2021 Container Security and Usage blog.
Among its findings, the report states that while 74 percent of customers are scanning before deployment, more than half of containers (58 percent) are still running as root. Some containers should run as root (security and system daemons, for example), but these are a small portion of total containers. These risky configurations make it easier for an attacker to compromise the system and access sensitive data. This finding stresses the need for security throughout the lifecycle of a container image: fixing vulnerabilities is not enough.
Highlights From the Report
Container density grows 170% since 2018
Over the past three years, the median number of containers-per-host more than doubled from 15 in 2018 to 41 today, indicating a growth in efficiency and a shift in cost savings as containers mature. This reveals a continued focus on optimization.
Prometheus continues to grow, 35% YoY
Open source adoption is broader than just Kubernetes as organizations are shifting toward Prometheus as the standard approach to monitoring container environments. The use of Prometheus metrics among Sysdig customers grew 35 percent year-over-year.
Docker down, containerd and CRI-O up 4X
In 2017, Docker accounted for 99 percent of containers in use. Today, that number has fallen to 50 percent, down from 79 percent in October 2019. While Docker revolutionized containers, organizations are rapidly switching to newer runtimes like containerd and CRI-O.
21% of containers live less than 10 seconds
The ephemeral nature of containers is a unique efficiency advantage, yet it can be a challenge in managing issues around security, health, and performance. The short life of containers reaffirms the need for container-specific tools for security and monitoring. For example, organizations need metric collection with intervals of less than 10 seconds and a detailed record of what occurred when the container was alive.
“With the high-profile breaches we are seeing and the accelerated adoption of containers in production, the container security risk is now on the radar of CISOs. Across millions of containers that we have studied, it’s clear that organizations are shifting security left, but they are neglecting critical best practices,” said Suresh Vasudevan, chief executive officer of Sysdig. “Container security has to span the entire software development lifecycle. Until organizations fix risky configurations, protect their runtime environments, and invest in container forensics, we will see an increase in container security breaches. I expect we will see several high-impact breaches before we release our next report.”
Other Interesting Findings
- Falco, the open source runtime project for cloud-native environments created by Sysdig and donated to the CNCF, has seen a 300 percent increase in Docker Hub downloads over the last year.
- The use of golang increased to 66 percent, a 470 percent jump since last year.
- 63 percent of container images are replaced within two weeks or less, signifying a more frequent code deployment rate.
Learn More About this Report
- Download the full Sysdig 2021 Container Security and Usage Report.
- Download the infographic.
- Read the usage report blog.
- Join the webinar Real-World Insights: Dig into Sysdig’s Container Security and Usage Report on Jan. 21 at 10am PST to walk through the report with the author.
Sysdig is driving the secure DevOps movement, empowering organizations to confidently secure containers, Kubernetes, and cloud services. With the Sysdig Secure DevOps Platform, cloud teams secure the build pipeline, detect and respond to runtime threats, continuously validate compliance, and monitor and troubleshoot cloud infrastructure and services. Sysdig is a SaaS platform, built on an open source stack that includes Falco and sysdig OSS, the open standards for runtime threat detection and response. Hundreds of companies rely on Sysdig for container and Kubernetes security and visibility. Learn more at www.sysdig.com.
Amanda McKinney Smith