Recently, Forrester published its Now Tech: Container Security, Q4 2018 report that looks at trends in container adoption, core security requirements for securing containers, and an overview of the container security market landscape. Forrester recognizes Twistlock as a Container Security Platform based on required capabilities.1
Download now: The full report is available for download via the Twistlock website here.
What’s driving enterprise container adoption
Developers, looking to drive business value at increased speed, are the primary reason for the rise in enterprise container adoption. According to Forrester, 58 percent of developers report that their companies are currently using containers or plan to use containers in the next 12 months.2 This shift allows enterprises, and their respective development and devops teams, the ability to build, deploy, and scale applications more quickly and easily.
At the same time, enterprises need to ensure that security scales to meet the needs of modern applications. While developers are driving container adoption, security is top of mind — 43 percent of survey respondents in a CNCF survey shared that security was a challenge in enterprise adoption.3
Defining the container security market
In the Now Tech: Container Security, Q4 2018 report, Forrester shares:
“Forrester defines container security as: Products that reduce the vulnerabilities containers may introduce by implementing automatic security checks and processes throughout the development life cycle.
Forrester recommends 10 distinct controls to secure containers: Use trusted images, reduce clutter, sign images and verify signatures, enforce secrets management, segment the network, authenticate users, scan for vulnerabilities, harden the OS, govern operations, and implement intrusion detections.”1
At Twistlock, we have always emphasized that container security requires a full application and full lifecycle approach. By leveraging automation throughout the application lifecycle, enterprises are able to scale their security efforts to meet the needs of their modern applications.
Areas where Container Security Platforms excel
Forrester’s report identifies key areas where Container Security Platforms offer “high segment functionality”:
- Security improvement
- Access and control of product
- Access and control of containers
- CI/CD integration
Additionally, Forrester includes a detailed breakdown of how different market segments look to address key capability areas:
FIGURE 2 Now Tech Functionality Segments: Container Security, Q4 2018
We’re proud to partner with underlying platforms recognized in the report
Twistlock is proud to be an official partner with Docker, Google, IBM, Red Hat, and Pivotal—also recognized in the report—to continue improving the security of the cloud native ecosystem together.
Securing containers at scale with Twistlock
As companies move to containers and adopt other cloud native technologies, an opportunity exists for stronger cybersecurity than ever before. By seamlessly integrating across the application delivery lifecycle, Twistlock ensures your containers and cloud native applications can be deployed fearlessly. Twistlock learns expected application behavior and uses machine learning to model this behavior and automatically create and enforce whitelist based runtime protection and firewalling.
The full report in its entirety can be downloaded from the Twistlock website here.
1 Forrester Now Tech: Container Security, Q4 2018, Forrester Research, Inc., 3 October 2018.
2 Forrester Analytics Global Business Technographics Developer Survey, 2018.
3 Sarah Conway, “Cloud Native Technologies are Scaling Production Applications,” Cloud Native Computing Foundation blog, 6 December 2017.
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
How to Lock Down the Kernel to Secure the Container HostRead the Blog
One Chapter Ends, Another BeginsRead the Blog
The Greatest Security Risks Lurking in Your CI/CD PipelineRead the Blog
Cloud Platform Radar: Powerful Cloud Asset IdentificationRead the Blog
Securing Serverless Functions: Visibility with Serverless RadarRead the Blog