Sysdig 2021 container security and usage report: Shifting left is not enough

The fourth annual Sysdig Container Security and Usage Report highlights key trends in container security, emphasizing the importance of "shifting left" in the development lifecycle, with 74% of organizations scanning container images during the build process to address vulnerabilities early. Despite this proactive approach, the report reveals that 58% of containers still run as root, indicating a need for improved runtime scanning to detect configuration errors. The adoption of open-source solutions like Falco has surged by 300%, reflecting a growing reliance on tools that enable runtime policy definition and security alerts. Additionally, the report notes significant growth in container runtimes such as containerd and CRI-O, alongside a decline in Docker's usage, and highlights the increasing popularity of cloud-hosted registry solutions. As Prometheus continues to dominate in cloud-native application metrics, the report underscores the necessity for organizations to integrate robust security measures within DevOps and invest in Kubernetes-native tools for effective operations at scale.