Cloud-native applications are growing in popularity but can present issues related to security, compliance and observability, says Tigera.
As more companies kick their digital transformation projects into high gear, there’s been a surge in the development of cloud-native applications. This has led to a rise in digital workloads being deployed using cloud-native containers and platforms, but this increased reliance on the cloud for applications also brings with it key challenges. A report released Wednesday by cloud-native application platform Tigera examines some of the challenges and offers tips on how to manage them.
Tigera’s State of Cloud-Native Security report is based on a survey of 304 security and IT professionals from around the world. Though the respondents perform different roles across different industries, all of them are directly responsible for working with containers.
Among those surveyed, 75% said that their companies have focused most of their new development efforts on cloud-native applications. But given the dynamic and often transitory nature of the cloud, they also acknowledged several challenges in this initiative.
Some 96% of the respondents pointed to security, compliance and observability as the top three most challenging aspects of cloud-native applications. Container security was cited as the greatest challenge by 68%. Network security was next, cited by 60%. Compliance was the biggest challenge to 57%, while observability was mentioned by 39%.
These challenges end up slowing down cloud-native application deployments for many organizations. Asked which items are the biggest impediments to a deployment, 67% cited security requirements, 56% pointed to compliance requirements and 44% mentioned a lack of automation.
To help them address the security issues that come with cloud-native applications, respondents said they need to reduce application attack surfaces and quickly identify threats. Toward that end, they cited a number of tools that could help, including container-level firewalls, workload access control, microsegmentation and infrastructure entitlement management.
Observability was recorded as one of the key challenges as IT and security professionals often lack the necessary visibility into their cloud-native applications. Asked what observability issues are the most frustrating, 51% cited the lack of actionable insights, meaning no way to view the root causes of an issue or recommendations for resolving it. Some 43% pointed to a lack of visibility into microservices, meaning an inability to see interactions and dependencies among applications.
To help them gain better insight into their cloud-native applications, the respondents expressed a need for specific tools and technologies. Some 76% said they need a runtime visualization of their environment to view and understand behaviors and interactions. Some 57% want to be able to detect performance hotspots, and 47% need dynamic packet capture, meaning the ability to capture traffic from a selected workload on demand.
How to protect your cloud-native applications
To better secure your cloud-native applications against security threats and other issues, Tigera offers a few key recommendations:
Adopt zero trust to reduce the attack surface. The first step is to implement a zero trust environment to secure the flow of data between different cloud-based workloads. For this, you’ll want granular controls over ingress and egress, such as DNS-based policies, network sets (named groups of IP ranges that policies can reference) and other resources. You should also use microsegmentation to isolate workloads based on application tiers, compliance requirements and user access.
Scan for known and unknown vulnerabilities and malware. The goal is to protect your cloud-based workloads from external threats and lateral movement by attackers. To do this, you’ll want application-level security and a web application firewall. Choose a tool that:
- Analyzes threat feeds and lets you create custom threat feeds.
- Monitors inbound and outbound traffic.
- Uses machine learning to find zero-day threats.
- Provides workload-based packet inspection to examine network data in detail.
- Uses signature-based detection to hunt down potential threats.
- Offers advanced anomaly detection so as to recognize, isolate and remediate threats from unknown attacks.
Alleviate risks from exposure. The best way to deal with breaches is by dynamically responding to threats. For this, you need a tool that offers a runtime visualization of your environment so you can monitor for suspicious behavior, troubleshoot connectivity problems and find performance issues. Such a tool should:
- Let you create a security moat around critical workloads to mitigate risk.
- Allow you to deploy honeypods to combat zero-day attacks.
- Automatically quarantine suspicious and potentially malicious workloads.
- Let you customize alerts to automatically remediate threats.
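The quarantine item above can be implemented with a label plus a high-precedence deny policy. The manifest below is an added example, not from the report. It uses the `projectcalico.org/v3` GlobalNetworkPolicy of Calico (Tigera's open-source CNI) rather than a native Kubernetes NetworkPolicy, because native policies can only add allows and cannot override other policies with a deny. The label name `quarantine` and the idea that a responder or an automated alert action applies it are assumptions.

```yaml
# Added example (not from the Tigera report): quarantine any pod carrying the
# hypothetical label quarantine=true. Calico-specific API; order 0 puts this
# policy ahead of every other policy, so its Deny cannot be undone by allows.
apiVersion: projectcalico.org/v3
kind: GlobalNetworkPolicy
metadata:
  name: quarantine-suspicious-workloads
spec:
  order: 0
  selector: quarantine == "true"
  types: [Ingress, Egress]
  ingress:
    - action: Log     # record the packet on the node, then fall through to Deny
    - action: Deny
  egress:
    - action: Log
    - action: Deny
```

Apply it with `calicoctl apply -f quarantine.yaml` (or `kubectl apply` where the Calico API server is installed). Quarantining a workload is then a single label change, for example `kubectl label pod payment-7f9c -n shop quarantine=true` with a hypothetical pod name, and releasing it is `kubectl label pod payment-7f9c -n shop quarantine-`. Because the policy cuts all traffic, including DNS and any log shipping, collect forensic data from the node (packet captures, process listings) rather than from the pod's own agents once it is isolated.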