Many IT teams begin moving their applications to containers and Kubernetes after their managers mandate the switch. Then in the rush to deploy they may forget, or simply delay, some fundamentals. Only six to 12 months later does integrating security into their CI/CD pipeline becomes a priority.

This gradual evolution toward cloud native security best practices is worrisome, but it’s the norm among organizations adopting Kubernetes today. This is what we learned from a panel of cloud native security experts at The New Stack’s pancake and podcast from KubeCon+CloudNativeCon North America this week. The New Stack founder and publisher Alex Williams was joined on the panel by:

Keith Mokris, product marketing manager, container security at Palo Alto Networks; Maya Kaczorowski, product manager at Google.

Santiago Torres-Arias, Ph.D. student at New York University Center for Cyber Security; Sarah Allen, co-chair of the Cloud Native Computing Foundation’s (CNCF) Security Special Interest Group (SIG); Sean M. Kerner, senior editor at InternetNews.com.

Prisma by Palo Alto Networks sponsored this podcast.