Open Versus Closed Source: What is the State of Kubernetes Protection?

The News: KubeCon + CloudNativeCon Europe 2023 were held in Amsterdam this past week and one thing is abundantly clear: Kubernetes is well on its way to enterprise adoption, bringing with it a number of benefits — most predominantly being application development agility. There are some challenges that arise, though, when enterprises look to operationalize Kubernetes at scale, which I’ll explore here.

Open Versus Closed Source: What is the State of Kubernetes Protection?

Analyst Take: KubeCon + CloudNativeCon Europe 2023 were back in full force this year and as mentioned earlier, it is clear that Kubernetes, with the many benefits it affords, is well on its way to enterprise adoption. That said, there are some challenges that enterprises face when it comes to the operationalization of Kubernetes at scale.

One of the most significant challenges that I see is the ability to protect and manage clusters and persistent data at scale. This is particularly a threat as ransomware continues to raise the potential for data loss for organizations, but it the threat of ransomware is also helping to increase visibility and an understanding around the need for data protection among C-Suite executives.

The market for Kubernetes protection is nascent but quickly evolving, and one thing is clear: there is a strong propensity toward open source tools for protection, especially Velero. This is because Kubernetes itself is open source and is being brought into the enterprise by developers. So, there is a natural propensity towards the open source, “do-it-yourself,” scripting-based approach.

This approach may be suitable for a small number of clusters, but, as Futurum Labs has encountered in testing, it becomes far too time-consuming and cumbersome for day-to-day management tasks at scale. This is where multi-cluster management which includes the ability to create policies, automatically discover resources to be protected, and automatically apply those policies becomes important. At the Red Hat Community summit, a non-scientific raise of hands showed less than 30% of the attending community had more than five clusters, while Evaluator Group research showed Kubernetes to be in production at over 50% of surveyed customers, with 60% of the customers running more than five workloads (applications).

Multi-cluster management and automated data protection functions play an even more strategic role when we factor in the shift to DevSecOps practices that aim to seamlessly integrate development, security, and operations processes into collaborative and integrated functions. Capabilities like data protection need to be as baked into workflows as possible in order to support efficiency and avoid slowing down agile development processes.

The relationship between Velero and third-party data protection providers will continue to evolve. This is evidenced by one KubeCon announcement, which is the introduction of CloudCasa for Velero. This new service will add key value components, including multi-cluster management, on top of customers’ existing Velero deployments, and note that the customer is not required to migrate to a CloudCasa-proprietary “flavor” of Velero.

Naturally, vendor approaches differ. Dell and IBM, for example, have used Velero as the basis for their data protection software offering. In addition to offering PX-Backup, Portworx offers a plugin that allows Velero to take snapshots of and restore Portworx volumes.

These are just a few examples, and from an ecosystem perspective, data protection-centric capabilities will increasingly be complemented with tools such as API observability for the identification and debugging of issues in code to strengthen the DevSecOps-oriented IT workflows and lifecycles.

What does this all mean for IT Operations? Increased collaboration with developers, security teams, and lines of business, will be essential in order for teams as a whole to better understand corporate-level strategic and day-to-day operational and security requirements. In many ways, IT Ops serves as the lynchpin to success because this team is responsible for IT infrastructure and information management and protection. With this in mind, Kubernetes-related requirements will increasingly influence priorities for IT spending and projects.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

KubeCon 2023: SUSE Launches Rancher 2.7.2, Latest Version of Rancher

GitLab and Oracle Partner to Accelerate AI/ML Development

KubeCon 2023, Amsterdam: 10K Strong and Sold Out

Author Information

Krista Case

Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Related Insights
Is AI Ready for Real Work, or Are Enterprises Still Stuck in Experimentation?
July 4, 2026

Is AI Ready for Real Work, or Are Enterprises Still Stuck in Experimentation?

Most enterprises claim advanced AI maturity, but lack governance and deployment strategies. Leading organizations are moving from experimentation to measurable AI impact....
Compliance as Code Is No Longer Optional: Why Manual Reviews Can’t Keep Up
July 4, 2026

Compliance as Code Is No Longer Optional: Why Manual Reviews Can’t Keep Up

Qodo's 'Compliance as Code' framework automates enterprise AI compliance through PR checks, solving the data privacy and security gaps that plague manual reviews at scale....
Databricks AI’s GPU Reliability Push Exposes Hidden Risks for Large-Scale Training
July 3, 2026

Databricks AI’s GPU Reliability Push Exposes Hidden Risks for Large-Scale Training

Databricks AI reveals critical GPU reliability challenges in distributed training environments. Silent slowdowns and numerical corruption pose greater risks than visible failures, threatening model quality and compute efficiency at enterprise...
Brave's Browser Containers Raise the Bar for Privacy and Workflow Flexibility
July 3, 2026

Brave’s Browser Containers Raise the Bar for Privacy and Workflow Flexibility

As AI platform adoption accelerates to $181.3B projected market size, Brave's v1.92 release introduces native browser containers addressing data privacy concerns for 52.6% of enterprise decision makers managing multi-cloud AI...
Can DataRobot's Unified AI Governance Break the Silo Trap for Enterprise AI?
July 3, 2026

Can DataRobot’s Unified AI Governance Break the Silo Trap for Enterprise AI?

DataRobot's unified AI governance platform extends beyond public cloud to on-premises, edge, and air-gapped environments, directly addressing the enterprise AI fragmentation problem where visibility ends at deployment boundaries....
Domino Data Lab From MLOps Platform to Governed AI Application Factory
July 2, 2026

Domino Data Lab: From MLOps Platform to Governed AI Application Factory

Nick Patience, VP and Practice Lead, AI Platforms at Futurum, examines Domino Data Lab's pivot to governed AI application delivery, its agentic AI governance framework, and what the strategy means...

Book a Demo

Welcome

The vision behind everything in Futurum’s Custom Research practice is this: research should show you what is happening, what comes next, and what to do about it. It should be personal to each audience, easy for people to grasp, and structured so LLMs can reason over it accurately. And it should be fast and turnkey; you want answers now, not another project to carry for quarters.

Whether you are defining business, channel, or go-to-market strategy; evaluating vendors or justifying ROI; or commissioning research to fill an emerging market need, we have your back, with a program that answers your questions with the objectivity and credibility to drive real decisions.

To do it, we bring unmatched data to bear: Futurum research, surveys, and market projections; validated market feeds; ETR’s 15 years of insight from 10,000 technology decision-makers; G2’s buyer and user data; and what our analysts hear every day. Add leading primary collection, from AI-moderated voice interviews to surveys and analyst-led interviews, all turnkey, and every project comes out credible, nuanced, and actionable.

And we don’t just drop the results in your lap. For internal work, we provide analyst-led sessions, interactive dashboards, and a range of formats. For market-facing work, Futurum delivers turnkey activation and amplification that actually gets seen, by people and by LLMs, through our media and share of voice. This is research that moves decisions and markets.

We will meet you wherever you are, from a fast-turn brief to a multi-year program, and shape the work to your goals, timeline, and budget. The right program for your moment.

If any of this is useful, I would love to talk.

Benjamin Brown, VP Custom Research, Futurum Research

Benjamin Brown

VP, Custom Research · The Futurum Group

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.