Growth in cloud-native workloads surged with the rapid digitalization caused by the pandemic and the need for more agile, powerful development tools. By 2025, Gartner estimates that over 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021. This trend is reflected in Tigera’s first The State of Cloud-Native Security market report, which found that 75% of companies are focusing development on cloud-native applications. The increased development and deployment of cloud-native applications also creates the need for more advanced observability and security capabilities.

The report reveals key insights from security and IT professionals around the world, shedding light on the opportunities and challenges enterprises face with containers and cloud-native applications, with a particular focus on security, observability, and compliance.

Cloud-native applications are gaining momentum but also present security, compliance, and observability issues as 97% of companies reported observability challenges with cloud-native applications. Also, 96% of companies said that cloud-native application challenges are leading to slower deployment cycles, with 67% naming security as the top challenge while 69% of companies identified container-level firewalls (IPS/IDS, WAF, DDoS, DPI, etc.) as the top need for network security for cloud-native applications and 76% of organizations need runtime visualization for cloud-native applications.

Organizations require security solutions for runtime, access, and networking for containers with 99% of companies indicating containers require access to other applications and services while 98% need container security, with runtime security topping the list and 99% of companies require network security for containerized applications.

Adopting tools that increase visibility and provide security at the container, application, and network levels can help enterprises address cloud-native security, including threat prevention by reducing the application attack surface; threat detection by monitoring for both known and unknown threats; and threat mitigation by quickly resolving risks from exposure.