Our Prediction for 2023: Kubernetes Security Challenges

We’re at the start of the new year, and for my KSOC co-founder, Jimmy Mesta and me, that means plenty of meetups with the CISOs and other business leaders we advise. Inevitably this includes discussion about the latest vulnerabilities and attack surfaces in the news. Many of us debated what security news we expect for 2023. Jimmy and I shared a clear prediction on what will be top of mind: Kubernetes security challenges.

As Jimmy outlined in the OWASP Kubernetes Top 10 he authored, the Kubernetes ecosystem introduces wide risks we expect to see as more organizations develop cloud-first infrastructures, with increasingly complex containerization. That’s why we focused on closing 2022 discussions with CISOs and DevOps leaders about how they’re strengthening their security across their Kubernetes environments, from blocking mode to custom policies. 2023 will be a year of new attacks across more digital surfaces, and KSOC is confident Kubernetes will be among them.

Our investors agree; that’s why Silicon Valley-based venture capital firm Forgepoint Capital recently became an investor in KSOC. As a leading early-stage cybersecurity venture capital firm that invests in transformative companies protecting the digital future, Forgepoint is aligned with our vision to help organizations automate security for Kubernetes environments. Managing Director Ernie Bio  has joined our board and will lend his cybersecurity defense expertise spanning public and private sectors.

“Kubernetes has emerged as the de facto container orchestration platform leveraged by big and small organizations. Unfortunately, it is not secure by default. Misconfigurations and other security issues require a purpose-built solution that Security teams and DevOps teams can trust,” said Ernie Bio, Forgepoint Managing Director. “KSOC has assembled A-players from the security industry to offer the unified platform teams need to build and secure their businesses in the cloud.”

We appreciate Ernie and the rest of our investors’ support as we grow our customer base and help them tackle critical security measures across departments. Red Hat’s 2022 State of Kubernetes Security Report finds that 93% of DevOps, engineering and security professionals have experienced at least one security incident in their Kubernetes environments in the last 12 months, often leading to revenue or customer loss. That’s why we built the KSOC platform and sought investors who share our obsession with today’s security landscape and DevOps teams’ workflows. Through our own collaboration across our investors and the broader security and DevOps communities, we’re focused on helping customers cut down on delays in application deployment or loss of customers and revenue.

Just this week, KSOC customer Frank Catucci, CTO of Invicti, shared this with our team:

“KSOC is allowing us to get control over our Kubernetes configuration and RBAC in a way that would have taken a team of specialized engineers to manage themselves.”

Invicti signed on with KSOC to monitor its Kubernetes environments more precisely and with faster time to action, ultimately leading to heightened security across the business:

“KSOC’s credential-less access and visibility was a huge plus for us. Since KSOC is Kubernetes-native, we don’t have to pass our credentials in order to access policy management, image scanning and SBOM generation.”

In the new year, we are continuing these important conversations alongside our buildout of the KSOC Kubernetes security platform. You’ll see us increasing our presence at key security and cloud community events where we’ll meet with CISOs, CTOs, security practitioners, developers and other key technology leaders. As organizations continue to develop in the cloud and containerize their growing environments, coordination across these internal technology and product teams has become business-critical. We’re here to help.

Wishing you a happy New Year!

Brooke