A recent survey from Dynatrace revealed that the growing importance of cloud-native architectures, DevOps, and agile methodologies are driving towards a new approach, that is optimized for multi-cloud environments, Kubernetes and DevSecOps.
Indeed, it was reported that 89% of CISOs believe that microservices, containers, and Kubernetes have created application security blind spots while 97% of organizations stated not having real-time visibility into runtime vulnerabilities in containerized production environments.
Hence, the study showed that around 63% of CISOs think that DevOps and agile development have made it more complicated to identify and manage software vulnerabilities. 74% of CISOs also stated that traditional security controls, including vulnerability scanners, are not enough in today’s cloud-native world.
Therefore, the study revealed that manual vulnerability scans and impact assessments are no longer able to keep up with the pace of change. It was then highlighted that the only way for security to keep up with modern cloud-native application environments is to replace manual deployment, configuration, and management with automated approaches.
As we are leaning towards DevSecOps, it is vital that businesses have solutions that offer automatic, continuous, and real-time risk and impact analysis for every vulnerability, across both pre-production and production environments.