As a study by Aqua Security shows: CISOs rely on open source and cloud native. The result shows CISOs' perceptions of cloud native security and open source in IT security.
Aqua Security, the leader in pure cloud native security, today released a new study on perceptions of open source solutions and cloud native security. The report is based on a survey of 100 US CISOs (Chief Information Security Officers) at Fortune 1000 companies, commissioned by Aqua Security Evaluate the use of Open Source Software (OSS).
Open source software preferred
The results of the study suggest that the perception of open source software has evolved. What was once seen as a potential risk is now apparently perceived as a security and business opportunity. For example, almost 70 percent of all CISOs believe that open source security solutions offer a faster way to secure their environments. Likewise, 78 percent of CISOs believe that open source solutions give them access to the best and most recent innovations in cloud security. And more than 60 percent actively prefer to work with vendors developing open source projects.
Perspectives on Cloud Native Security
The survey also examined CISOs' views on risks and security approaches for software security and cloud-native environments. According to the report, 87 percent of respondents agree that securing the entire application lifecycle, including infrastructure, application code, and workloads, is critical. And 84 percent believe that automated security checks across the software supply chain can accelerate software delivery.
More than two-thirds of CISOs also agree that the easiest first step to securing production workloads is to start with an inventory and assessment of the entire environment (68 percent). Using a single foundation for cloud security is endorsed by 69 percent of CISOs because it reduces friction between different application development teams. Finally, the study shows that 88 percent of CISOs prioritize both active protection and workload visibility to mitigate risk. In fact, 9 out of 10 CISOs believe active protection is a critical element of cloud native security.
Active protection a critical element of cloud native security
“Visibility without active protection is not enough to keep cloud native environments secure, which is why Gartner lists it as a key capability of cloud native application protection platforms. Security teams need to be able to efficiently identify and track risk across their complex, distributed application portfolios, which is why most CISOs see active protection as essential to cloud native security,” comments Paul Calatayud, CISO at Aqua Security, of the study's findings. “This is particularly relevant for cloud-native environments that benefit from the rapid innovation and agility that is common in the OSS community. These qualities support CISOs' interest in working with vendors who actively promote OSS projects.”
More at AquaSec.com
About Aqua Security Aqua Security is the largest pure cloud native security provider. Aqua gives its customers the freedom to innovate and accelerate their digital transformation. The Aqua platform provides prevention, detection, and response automation across the application lifecycle to secure the supply chain, cloud infrastructure, and ongoing workloads—regardless of where they are deployed.