2nd Edition

Tracking the trends and news for IT and IT Security

Paul

Sysdig Report Surfaces Shifts in Container Adoption

cropped-ContainerJournalLogoIcon2-300x251-180x180.pngSysdig Report Surfaces Shifts in Container Adoption>
Container Journal – Mike Vizard
An annual âContainer Usage and Security Reportâ published today by Sysdig finds there has been a significant shift in terms of the types of container engines organizations are employing.

Based on an analysis of 2 million containers that Sysdig continuously analyzes on behalf of customers, the survey results show reliance on Docker has dropped to 50% from 79% a year ago. In its place, IT organizations are making greater use of the containerd (18%) and the Container Runtime Interface (CRI) for container images that comply with the Open Container Initiative (OCI).

The Sysdig report also notes that reliance on the open source Prometheus monitoring platform, which also is being advanced under the auspices of the CNCF, grew 35% year over year.

The Quay container registry developed by Red Hat has seen a 60% increase in adoption, while the Golang programming language jumped 66% in terms of usage for building applications, according to the report.

>From a cybersecurity perspective, however, issues remain. More than half (58%) of containers configured are running as root, which makes them prone to being compromised by cybercriminals that have found a way to gain access to credentials used to deploy them.

However, just under half of containers (49%) are running for less than five minutes, so it would appear many IT teams are counting on the fact that cybercriminals might not have enough time to discover their containers before they are replaced.

Meanwhile, the density of container environments has increased by a third (33%). Janet Masuda, chief marketing officer for Sysdig, notes that means there are a lot more potential insecure containers running as root that need to be protected at the runtime level. On the plus side from a cybersecurity perspective, adoption of Falco, an open source tool for detecting container vulnerabilities at runtime originally developed by Sysdig and now being advanced under the auspices of the CNCF, has seen an increase in adoption by a factor of three.

The Sysdig report also notes nearly three-quarters of organizations (74%) are scanning container images during a build stage on their continuous integration/continuous delivery (CI/CD) platform.
Link: https://containerjournal.com/topics/container-ecosystems/sysdig-report-surfaces-shifts-in-container-adoption/

Categories:

Tags: