Visibility and consistency are essential for container security
As I discussed in my previous article, business and technology leaders are under more pressure than ever to transform. That pressure flows directly to development teams tasked with unlocking organisational agility and meeting the changing needs of customers.
Of course, containers are essential for cloud-native transformation and the operating system for cloud-native development is Kubernetes. Kubernetes platforms enable development teams to deploy at the speed and scale required for today’s organisations and transformations.
At the same time, this new landscape of containers and Kubernetes has introduced a degree of complexity for DevOps teams that are also attempting to instil Zero Trust and DevSecOps practices. The “shift left” movement has seen DevOps teams working to ensure security is integrated at the earliest possible stage of the development cycle.
And for good reason.
A new landscape of threats
With no shortage of high-profile cyberattacks in the press each week, cybersecurity is on the mind of executives who wonder when they’ll be next. Unfortunately, a cyberattack or data breach has become a near inevitability for organisations of every size, and in every sector.
As digital environments evolve through ongoing transformation, cyber attackers evolve their tactics to exploit vulnerabilities in new platforms or applications. Unsurprisingly, Kubernetes and containers offer their own unique vectors to exploit, with non-profit security organisation The Shadowserver Foundation recently discovering that 84% of systems hosting Kubernetes are accessible via the internet.
Beyond the potential data loss and reputational damage that comes from a cyberattack, there is also a raft of security and privacy regulations for large organisations to contend with, including PCI-DSS, SOC-2, and GDPR – all of which have strict requirements for automated compliance scanning and reporting capabilities in production environments.
However, NeuVector (recently acquired by SUSE) found in their annual container security survey that only 20% of DevOps practitioners report using a compliance tool for their container and Kubernetes environments. Almost 75% of respondents also had concerns over their Kubernetes runtime security – including their risk of network attacks, man-in-the-middle attacks, and crypto mining. Solving these issues will require automated tools that offer new levels of visibility and security for Kubernetes environments.
Zero trust security through consistency and visibility
These challenges highlight why we’re so excited to have integrated SUSE NeuVector 5.0 with SUSE Rancher. Rancher users can now easily access and authenticate themselves to manage SUSE NeuVector directly through the Rancher console. This provides development teams with a complete zero-trust stack through a consistent user experience that simplifies security management for large, globally distributed Kubernetes environments.
Security will be a growing priority for business and technology leaders, yet we know they’re also reluctant to let security be the handbrake on agility. As we’re seeing with many of our own customers, providing DevOps teams with intuitive and automated security tools within their Kubernetes platform frees them to focus on the rapid innovation that will drive competitive advantage.
About the author
As the Chief Operating Officer for SUSE APJ, I’m focused on enabling our team to deliver on the strategic vision for delivering cutting-edge Open Source solutions that allow our customers to Innovate Everywhere. With more than a decade of experience as a senior executive and strategic consultant across the enterprise technology sector, I bring my expertise from sectors such as supply chain, construction, and engineering to understand the complex challenges our customers are facing, and how we can be best positioned to assist in their ongoing transformation.