In excess of 50 % of businesses have endured a security incident because of to misconfiguration or a known vulnerability in their cloud indigenous programs, in accordance to new research from Snyk.
The open resource security firm’s to start with ever Point out of Cloud Indigenous Software Security Report uncovered that adoption of cloud native strategies is soaring, with about 78% of creation workloads now deployed as containers or serverless programs.
However, this comes with its personal risks: 60% of developers have experienced enhanced security issues since going cloud native, the report claimed.
Misconfiguration (45%) and acknowledged unpatched bugs (38%) have been the most commonly experienced security incidents, with misconfiguration (58%) and insecure APIs (52%) topping the record of respondents’ considerations.
“Cloud native platforms making use of automatic tooling rely on credentials these types of as insider secrets and API tokens in purchase to run, necessitating a extra decentralized tactic to taking care of these kinds of access,” the report mentioned. “The require for powerful management of these kinds of artifacts is a critical differentiator from the extra centralized pre-cloud era, and a main region of concern for operations groups reworking their infrastructure.”
On the additionally side, Snyk also disclosed that builders are turning into more and more invested in issues of cybersecurity.
Even though a lot less than 10% of respondents in security roles stated they imagined developers had been dependable for the security of their cloud native surroundings and purposes, in excess of 36% of developers claimed that they had been.
Automation is the essential to improving upon security throughout the growth lifecycle, the report also observed.
With absolutely automatic pipelines in place, frequent security tests seems to grow to be less difficult. Respondents with large levels of deployment automation were additional than two times as likely to have adopted security tests at all points all over the application advancement lifecycle as individuals with no automation.
In addition, approximately 70% of these respondents with high ranges of deployment automation have been able to take a look at their security day by day or much more frequently. That is 17 times more than respondents who experienced no deployment automation, in accordance to Snyk.
Some elements of this article are sourced from: