Majority of Orgs Lack Visibility Into Container Vulnerabilities

Source:-https://devops.com/ Today’s blend of third-party application dependencies and polyglot software development often makes assessing risk difficult. With many new cloud-native deployment models, it can be tricky to discover potential vulnerabilities. These threats take the form of insecure default settings in Kubernetes, over-permissive states, CVEs that threaten container integrity, and other vulnerable conditions. Plugging gaps throughout the cloud-native strata is now crucial to avoid exposing data and breaking privacy regulations. Yet, gaining visibility into these holdings is challenging, and traditional application

Just 3% of organizations have real-time visibility into runtime vulnerabilities

Source:-https://www.securitymagazine.com/ Software intelligence company Dynatrace announced the findings of an independent global survey of 700 CISOs, which reveals the rising adoption of cloud-native architectures, DevOps, and agile methodologies has broken traditional approaches to application security. As organizations shift more responsibility “left” to developers to accelerate innovation, increasingly complex IT ecosystems and outdated security tooling can slow releases by leaving blind spots and forcing teams to manually triage countless alerts, many of which are false positives reflecting vulnerabilities in libraries that