Skip to main content

Aqua Security: 97% unaware of crucial cloud native security principles

Computer security firmware

Join us in Atlanta on April 10th and explore the landscape of security workforce. We will explore the vision, benefits, and use cases of AI for security teams. Request an invite here.


Ninety-seven percent of cloud-native security practitioners are broadly unaware of essential container security principles, according to a report from Aqua Security.

Risks of Cloud Native environments

Just 3% of respondents correctly noted that a container is not a security boundary. This finding, combined with the fact that 70% believed traditional tools — such as an IPS or firewall — could protect against attacks in progress in a cloud-native environment, highlights the difficulty and complexity of understanding key cloud-native security risks and how to counteract them.

A full 58% did not feel at risk for zero days in containerized environments, and security researchers have found attackers are becoming increasingly sophisticated over time. Fifty percent of vulnerable targets are being attacked within the hour. And while 73% of respondents were confident in their ability to stop software supply chain attacks, only 32% were confident in the runtime capabilities required to stop threats like Kinsing malware, which only downloads in runtime.

VB Event

The AI Impact Tour – Atlanta

Continuing our tour, we’re headed to Atlanta for the AI Impact Tour stop on April 10th. This exclusive, invite-only event, in partnership with Microsoft, will feature discussions on how generative AI is transforming the security workforce. Space is limited, so request an invite today.
Request an invite

Practitioners did not report strong plans to invest in runtime as a key part of a full lifecycle cloud-native security strategy. Runtime security is critical in protecting against attackers evading static analysis or otherwise getting around more popular, and better understood, shift-left controls. While static analysis plays an important role in container security, it is by no means a silver bullet. Even the most complete shift-left vulnerability and malware detection cannot prevent zero-day attacks and administrator errors.

Despite the widely publicized threat landscape, only 24% of respondents claimed they planned to introduce runtime controls in the coming year, while less than 16% were in fact planning on investing in the necessary building blocks of runtime security (for example, ensuring container immutability). These investment plans were reported despite the fact that only 26% of respondents said 70% or more of their cloud-native security stack could stop an attack in progress in a cloud-native environment.

The study interviewed 150 practitioners across industries ranging from financial services to the public sector. The cohort of practitioners interviewed all worked for large organizations, with headcounts ranging from 1,000 to over 10,000. Forty-seven percent had at least five years of cloud-native security business experience.

View the full Aqua Security 2021 Cloud Native Security report.

VB Daily - get the latest in your inbox

Thanks for subscribing. Check out more VB newsletters here.

An error occured.