Home

English
English
Search
Log in / Register
All Red Hat

Overview

Kubernetes adoption, security, and market trends report 2021

Last Updated:

Executive summary

This semiannual edition of the State of Kubernetes Security report examines how companies are adopting Kubernetes, containers, and cloud-native technologies while meeting the challenges of providing security for their vital Kubernetes applications. This report compiles survey results from more than 500 DevOps, engineering, and security professionals.1 It uncovers new findings about how companies are implementing DevSecOps initiatives to protect their cloud-native environments. 

Report highlights

  • More than half of respondents have delayed deploying Kubernetes applications into production due to security.
  • Almost all respondents experienced at least one security incident in their Kubernetes environments in the last year.
  • Security is the top concern in container strategies, but DevSecOps is on the rise.
  • Majority of respondents are running production workloads in Kubernetes.
  • Hybrid cloud deployment strategies are the most common, and Red Hat OpenShift is the leader in hybrid cloud deployments.

Get the full report

 

55% of respondents have had to delay an application rollout because of security concerns

When security becomes an afterthought, agility is compromised. To prevent delays in application deployment and realize the benefits of containers and Kubernetes, organizations must build security into the development phase so they can address as many security challenges as possible during the build stage.

 

image container

 

 

94% of respondents experienced at least one security incident in their Kubernetes environments in the last 12 months

Misconfiguration is the leading cause of security incidents by a wide margin. In general, human error is the most-often cited cause of data breaches and hacks.2 Kubernetes and containers, while powerful, increase this risk due to the significant configuration required.

 

 

image container

 

 

Security is the top container strategy concern: 59% of respondents are most worried about unaddressed security and compliance needs or threats to containers

Organizations are eagerly adopting containers and Kubernetes. However, if they don’t simultaneously invest in security strategies and tooling, they risk the security of their critical applications and may need to delay application rollout.

 

 

image container

 

 

Nearly 75% of organizations have a DevSecOps initiative in place

The vast majority (74%) of organizations are embracing DevSecOps, building security into the application development life cycle, rather than treating it as an afterthought. Even more promising is that 25% of respondents have an advanced DevSecOps initiative where they’re integrating and automating security throughout the life cycle.

 

 

image container

 

 

Kubernetes is used by nearly everyone

Our survey results indicate widespread customer adoption of Kubernetes (88%), especially in production environments (74%). Supported by a robust community of contributors, Kubernetes is living up to its title as the de facto container orchestrator.

 

 

image container

 

 

Hybrid cloud deployment strategies are the most common

Most respondents (47%) are running their containers in a hybrid setting vs. 28% who run only in public cloud. With hybrid models continuing to be the dominant approach, organizations need security that runs the same way—no matter where workloads are deployed.

 

 

image container

 

 

Red Hat OpenShift is the leader in hybrid cloud deployments

We found that 37% of respondents have standardized on Red Hat® OpenShift®, with AWS Outposts and Microsoft Azure Arc rounding out the top 3. The hybrid offerings from VMware and Oracle lag behind their peers.

 

 

image container

The survey was conducted by StackRox before its acquisition by Red Hat in early 2021.

Tessian and Stanford University. “The psychology of human error.” July, 2020.