Zero-Day Exploits Are Most Prevalent Attack in Hybrid Cloud Environments, according to Capsule8-Sponsored Study

New research conducted by ESG reveals security challenges still top of mind but momentum of container adoption shows no sign of slowing

Brooklyn, NY, Feb. 28, 2018 (GLOBE NEWSWIRE) -- Capsule8, the pioneer behind real-time attack disruption for cloud-native environments, today released new research exploring trends in hybrid cloud adoption. The study, ESG Research: Trends in Hybrid Cloud Security Survey, was conducted by Enterprise Strategy Group in November 2017 and surveyed 450 IT/information security professionals in North America and Western Europe on their challenges, readiness, and intentions regarding hybrid cloud environments and containers. When asked if an attack took place in their hybrid cloud environments, 42 percent of organizations reported an attack in the last year, with 28 percent pointing to a zero-day exploit as the origin.

Hybrid cloud environments are complex to secure with multiple users accessing multiple environments from multiple locations--which most often leads to hybrid security approaches that are a mix of on-premises and in the cloud, internally owned and outsourced. Meanwhile, infrastructure composition is shifting to cloud-resident workloads and containerized apps, introducing even more complexity. Fifty-six percent of those surveyed have deployed containerized production applications, and 80 percent will have them in production in the next 12-24 months. This container adoption is cannibalizing the use of both bare metal servers and virtual machines, but legacy infrastructure will remain a critical part of the enterprise for years to come, requiring security approaches that can handle both container and legacy environments.

Causes of attacks over the last year range from zero-day attacks on their hybrid cloud environment (28 percent), to exploits that take advantage of known vulnerabilities in unpatched applications (27 percent). In the past year, companies also experienced attacks related to the misuse of a privileged account by an inside employee (26 percent), exploits taking advantage of known vulnerabilities in unpatched OS systems (21 percent), and the misuse of a privileged account via stolen credentials (19 percent). Misconfigured cloud services, workloads, or network security controls that led to a successful compromise by a bad actor were also noted (20 percent), as well as malware that moved laterally and infected a server workload (21 percent).

Many of the concerns and obstacles related to running containers and addressing attacks such as the ones listed above echo those of virtual machine adoption from years past. Most companies will not move entirely over to a cloud-native infrastructure and are hesitant to invest in multiple expensive point solutions to protect their multiple environments. Thirty-five percent of those surveyed noted that their current server workload security solution does not support or offer the same functionality for containers, requiring that they use a separate container security solution, which adds cost and complexity.

“The challenge of balancing the move to a next-gen infrastructure while also maintaining support for current environments is a huge barrier for a lot of companies investigating containers,” said John Viega, co-founder and CEO, Capsule8. “The security concerns are real and as we’ve seen noted here with the rates of zero-day attacks, as well as recent major vulnerabilities such as Spectre and Meltdown, the ability to control and secure these hybrid environments effectively is critical and one of the main pain points we are trying to address at Capsule8.”

Currently, the vast majority of companies (70 percent) are using separate controls for public cloud-based resources and on-premises VMs and servers, leaving only 30 percent using unified controls. This approach is projected to completely reverse in the next 24 months, with 70 percent focusing on unified controls for all server workload types across public cloud(s) and on-premises resources.

To learn how Capsule8 can help you secure your cloud-native environment and legacy Linux infrastructure, visit

About Capsule8
Founded in fall 2016 and headquartered in Brooklyn, NY, Capsule8 is developing the industry’s first and only real-time attack disruption platform purpose-built for the cloud-native world of Linux, containers and microservices. Founded by experienced hackers and seasoned security entrepreneurs, and funded by Bessemer Venture Partners and ClearSky, Capsule8 is making it possible for Linux-powered enterprises to modernize without compromise. Learn more at

