Kubernetes adoption, security, and market trends report 2021

Benchmark yourself against the findings in this report to determine how you can accelerate your efforts to apply security controls across containers and Kubernetes.

Executive summary

This semiannual edition of the State of Kubernetes Security report examines how companies are adopting Kubernetes, containers, and cloud-native technologies while meeting the challenges of providing security for their vital Kubernetes applications. This report compiles survey results from more than 500 DevOps, engineering, and security professionals. It uncovers new findings about how companies are implementing DevSecOps initiatives to protect their cloud-native environments.

Report highlights

1. More than half of respondents have delayed deploying Kubernetes applications into production due to security.

2. Almost all respondents experienced at least one security incident in their Kubernetes environments in the last year.

3. Security is the top concern in container strategies, but DevSecOps is on the rise.

4. Majority of respondents are running production workloads in Kubernetes.

5. Hybrid cloud deployment strategies are the most common, and Red Hat OpenShift is the leader in hybrid cloud deployments.

Get the full report

Have you ever delayed or slowed down application deployment into production due to container or Kubernetes security concerns?

55% of respondents have had to delay an application rollout because of security concerns.

When security becomes an afterthought, agility is compromised. To prevent delays in application deployment and realize the benefits of containers and Kubernetes, organizations must build security into the development phase so they can address as many security challenges as possible during the build stage.

94% of respondents experienced at least one security incident in their Kubernetes environments in the last 12 months

Misconfiguration is the leading cause of security incidents by a wide margin. In general, human error is the most-often cited cause of data breaches and hacks.² Kubernetes and containers, while powerful, increase this risk due to the significant configuration required.

What is your biggest concern about your company’s container strategy?

Security is the top container strategy concern: 59% of respondents are most worried about unaddressed security and compliance needs or threats to containers

Organizations are eagerly adopting containers and Kubernetes. However, if they don’t simultaneously invest in security strategies and tooling, they risk the security of their critical applications and may need to delay application rollout.

Do you have DevSecOps initiative in your organization?

Nearly 75% of organizations have a DevSecOps initiative in place

The vast majority (74%) of organizations are embracing DevSecOps, building security into the application development life cycle, rather than treating it as an afterthought. Even more promising is that 25% of respondents have an advanced DevSecOps initiative where they’re integrating and automating security throughout the life cycle.

Kubernetes is used by nearly everyone

Our survey results indicate widespread customer adoption of Kubernetes (88%), especially in production environments (74%). Supported by a robust community of contributors, Kubernetes is living up to its title as the de facto container orchestrator.

Where do you have containers running?

Hybrid cloud deployment strategies are the most common

Most respondents (47%) are running their containers in a hybrid setting vs. 28% who run only in public cloud. With hybrid models continuing to be the dominant approach, organizations need security that runs the same way—no matter where workloads are deployed.

Are you using any solutions for hybrid and multicloud Kubernetes deployments?

Red Hat OpenShift is the leader in hybrid cloud deployments

We found that 37% of respondents have standardized on Red Hat® OpenShift®, with AWS Outposts and Microsoft Azure Arc rounding out the top 3. The hybrid offerings from VMware and Oracle lag behind their peers.