New Research Shows Cloud-Native Architectures Break Traditional Approaches to Application Security
June 03 2021 - 8:00AM
Business Wire
Just 3% of organizations have real-time
visibility into runtime vulnerabilities, as multicloud
environments, Kubernetes, and DevSecOps drive digital
transformation
Software intelligence company Dynatrace (NYSE: DT) announced
today the findings of an independent global survey of 700 CISOs,
which reveals the rising adoption of cloud-native architectures,
DevOps, and agile methodologies has broken traditional approaches
to application security. As organizations shift more responsibility
"left" to developers to accelerate innovation, increasingly complex
IT ecosystems and outdated security tooling can slow releases by
leaving blind spots and forcing teams to manually triage countless
alerts, many of which are false positives reflecting
vulnerabilities in libraries that are not used in production.
Organizations are calling for a new approach that is optimized for
multicloud environments, Kubernetes, and DevSecOps. The
complimentary report, Precise, automatic risk and impact assessment
is key for DevSecOps, is available for download here.
This press release features multimedia. View
the full release here:
https://www.businesswire.com/news/home/20210603005531/en/
(Graphic: Business Wire)
This research reveals:
- 89% of CISOs say microservices, containers, and Kubernetes have
created application security blind spots.
- 97% of organizations do not have real-time visibility into
runtime vulnerabilities in containerized production
environments.
- Nearly two-thirds (63%) of CISOs say DevOps and Agile
development have made it more difficult to detect and manage
software vulnerabilities.
- 74% of CISOs say traditional security controls such as
vulnerability scanners no longer fit today’s cloud-native
world.
- 71% of CISOs admit they are not fully confident code is free of
vulnerabilities before going live in production.
“The increased use of cloud-native architectures has
fundamentally broken traditional approaches to application
security,” said Bernd Greifeneder, Founder and Chief Technology
Officer at Dynatrace. “This research confirms what we’ve long
anticipated: manual vulnerability scans and impact assessments are
no longer able to keep up with the pace of change in today’s
dynamic cloud environments and rapid innovation cycles. Risk
assessment has become nearly impossible due to the growing number
of internal and external service dependencies, runtime dynamics,
continuous delivery, and polyglot software development which uses
an ever-growing number of third-party technologies. Already
stretched teams are forced to choose between speed and security,
exposing their organizations to unnecessary risk.”
Additional findings include:
- On average, organizations need to react to 2,169 new alerts of
potential application security vulnerabilities each month.
- 77% of CISOs say most security alerts and vulnerabilities are
false positives that do not require actioning as they are not
actual exposures.
- 68% of CISOs say the volume of alerts makes it very difficult
to prioritize vulnerabilities based on risk and impact.
- 64% of CISOs say developers do not always have time to resolve
vulnerabilities before code moves into production.
- 77% of CISOs say the only way for security to keep up with
modern cloud-native application environments is to replace manual
deployment, configuration, and management with automated
approaches.
- 28% of CISOs say application teams sometimes bypass
vulnerability scans to speed up software delivery.
“As organizations embrace DevSecOps, they also need to give
their teams solutions that offer automatic, continuous, and
real-time risk and impact analysis for every vulnerability, across
both pre-production and production environments, and not based on
point-in-time ‘snapshots’,” continued Greifeneder. “With the
Application Security Module on the Dynatrace Software Intelligence
Platform, organizations can leverage the automation, AI,
scalability, and enterprise-grade robustness of Dynatrace, and
extend this to deliver more secure release cycles with confidence
their cloud-native applications are free from exposures.”
The report is based on a global survey of 700 CISOs in large
enterprises with over 1,000 employees, conducted by Coleman Parkes
and commissioned by Dynatrace in 2021.
The sample included 200 respondents in the U.S., 100 in the UK,
France, Germany, and Spain, and 50 in Brazil and Mexico,
respectively.
About Dynatrace
Dynatrace provides software intelligence to simplify cloud
complexity and accelerate digital transformation. With automatic
and intelligent observability at scale, our all-in-one platform
delivers precise answers about the performance and security of
applications, the underlying infrastructure, and the experience of
all users to enable organizations to innovate faster, collaborate
more efficiently, and deliver more value with dramatically less
effort. That’s why many of the world’s largest enterprises trust
Dynatrace® to modernize and automate cloud operations, release
better software faster, and deliver unrivalled digital
experiences.
To learn more about how Dynatrace can help your business, visit
www.dynatrace.com, visit our blog and follow us on Twitter
@dynatrace.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20210603005531/en/
Hailey Melamut March Communications dynatrace@marchcomms.com +1
617.960.9856 Tristan Webb Spark Communications
dynatrace@sparkcomms.co.uk +44 207.436.0420
Dynatrace (NYSE:DT)
Historical Stock Chart
From Apr 2024 to May 2024
Dynatrace (NYSE:DT)
Historical Stock Chart
From May 2023 to May 2024