Sysdig 2020 Container Security Snapshot: Key image scanning and configuration insights
Blog post from Sysdig
Sysdig's 2020 Container Security Snapshot argues that as container and Kubernetes adoption grows, security has to be built into the DevOps process rather than bolted on afterwards. Drawing on more than 100,000 scanned images, the report finds that Alpine is the most common base image, yet some Alpine-based images are unusually large, a sign that build tooling or unneeded packages have been left in and that the attack surface is wider than a minimal base would suggest. The average image has about 9.5 layers. Open source third-party libraries are used widely, npm packages in particular, and 53% of the non-OS packages scanned carry severe vulnerabilities. Configuration is no better: 58% of images run as root, a risky default that needs continuous monitoring rather than a one-time check. Sysdig's recommendation is to scan for vulnerabilities early in the CI/CD pipeline and to keep a secure DevOps workflow across the whole container lifecycle, from build through runtime.
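The configuration findings above (root user, layer count, oversized images) can be checked in CI before an image is pushed. The following is an added example, not code from the Sysdig post or from Sysdig's scanner: it applies a small policy to the JSON that `docker image inspect` emits (the `Config.User`, `RootFS.Layers` and `Size` fields). The two sample documents are constructed inline so it runs offline, and the layer and size thresholds are illustrative assumptions, not cut-offs from the report.

```python
"""Policy check over `docker image inspect` output (added example).

Flags the three configuration issues the snapshot highlights: images that
run as root, images with an unusual number of layers, and images far larger
than their base would justify. Thresholds below are assumptions chosen for
illustration; the report itself publishes no cut-offs.
"""
import json

MAX_LAYERS = 20                       # assumed threshold
MAX_SIZE_BYTES = 500 * 1024 * 1024    # assumed threshold: 500 MiB


def runs_as_root(inspect):
    """True if the image has no USER, or USER is root / uid 0.

    Docker stores USER as "name", "uid", "name:group" or "uid:gid"; only the
    user part decides the effective uid, so the group part is ignored.
    """
    user = (inspect.get("Config") or {}).get("User") or ""
    uid = user.split(":", 1)[0].strip()
    return uid in ("", "0", "root")


def layer_count(inspect):
    """Number of filesystem layers (diff IDs) in the image."""
    return len((inspect.get("RootFS") or {}).get("Layers") or [])


def image_size(inspect):
    """Uncompressed image size in bytes as reported by the daemon."""
    return int(inspect.get("Size") or 0)


def check_image(inspect):
    """Return a list of findings; an empty list means the image passes."""
    findings = []
    if runs_as_root(inspect):
        findings.append("runs as root: add a USER instruction with a non-zero uid")
    layers = layer_count(inspect)
    if layers > MAX_LAYERS:
        findings.append(f"{layers} layers exceeds {MAX_LAYERS}: "
                        "collapse RUN steps or use a multi-stage build")
    size = image_size(inspect)
    if size > MAX_SIZE_BYTES:
        findings.append(f"{size // 2**20} MiB exceeds {MAX_SIZE_BYTES // 2**20} MiB: "
                        "remove build-time dependencies from the final stage")
    return findings


# Constructed sample inspect documents (not real images).
SAMPLE_BAD = {
    "Config": {"User": ""},                                   # no USER -> root
    "RootFS": {"Layers": [f"sha256:{i:064x}" for i in range(23)]},
    "Size": 1_300_000_000,                                    # ~1.2 GiB
}
SAMPLE_GOOD = {
    "Config": {"User": "10001:10001"},
    "RootFS": {"Layers": [f"sha256:{i:064x}" for i in range(7)]},
    "Size": 42_000_000,                                       # ~40 MiB
}


if __name__ == "__main__":
    # Real usage: json.load(open("inspect.json")) where inspect.json came from
    # `docker image inspect <image> | jq '.[0]'`.
    for name, doc in (("sample-bad", SAMPLE_BAD), ("sample-good", SAMPLE_GOOD)):
        result = check_image(doc)
        print(f"{name}: {'PASS' if not result else 'FAIL'}")
        for line in result:
            print(f"  - {line}")
```

Wiring this into a pipeline stage that exits non-zero on any finding gives the "shift left" gate the post recommends; the vulnerability side (the 53% of non-OS packages) still needs a proper scanner, since image metadata says nothing about what npm or pip installed.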