Java developers want container security, just not the job that comes with it

Java developers still struggle to secure containers, with nearly half (48 percent) saying they'd rather delegate security to providers of hardened containers than worry about making their own container security decisions.

This finding comes from BellSoft, which offers the Liberica JDK, a free, open-source implementation of Java SE. The company says it surveyed 427 developers at Devoxx last year for its 2025 State of Container Security report. Its goal was to better understand decisions about containers, security, priorities, and practices.

The most important factor among the survey respondents in choosing a base container image was security (29 percent), followed by performance (21 percent), image size (17 percent), Java support (17 percent), ease of use (11 percent), license compliance (4 percent), and other (1 percent).

That's understandable given that almost one in four of the devs (23 percent) said they'd experienced container-related security incidents in the past year ...