The number of organizations implementing a Cloud Native Application Protection Platform (CNAPP) is rising, with the surge in multi-cloud strategies acting as an adoption accelerator: complex distributed cloud environments require the kind of integrated security approach CNAPPs can enable.
Cloud-native application protection platforms comprise an integrated set of cybersecurity capabilities to comprehensively secure cloud-native applications from creation to production. These capabilities are typically present in a range of often siloed cybersecurity solutions. CNAPPs enable a single-platform approach, removing the hassle of attempting to combine these siloed solutions efficiently in a modern cloud environment.
According to research from the Cloud Security Alliance (CSA), three out of four (75 percent) organizations have either implemented or plan to implement CNAPPs in their cloud environments (data from August 2023). A key driver of this evolution is the widespread – and increasing – presence of multi-cloud strategies.
Organizations have been evolving toward more complex multi-cloud environments for years. The speed at which this has happened differed per industry. Still, the coronavirus crisis caused an acceleration of multi-cloud strategies (and realities) across many sectors, given its impact on digital transformation and digitization needs everywhere.
The advent of increasingly distributed multi-cloud environments came with cybersecurity-related challenges, and an arsenal of security solutions has emerged – or become more critical in recent years – to address them. Using these existing tools in an orderly, comprehensive, and efficient manner, however, has not proved easy.
“Cloud Native Application Protection Platforms or CNAPPs have emerged as a critical category of security tooling in recent years. Much of their popularity has been driven by the complexity of comprehensively securing multi-cloud environments and their ability to consolidate the capabilities of the numerous security tools organizations currently deploy” (Cloud Security Alliance)
Cloud Native Application Protection Platforms in context
It is precisely here that Cloud Native Application Protection Platforms (CNAPPs) aim to provide a solution.
A CNAPP consolidates the capabilities of the security solutions that organizations often use today for cloud (application) security. Consider, for example, the capabilities of tools such as CSPM (Cloud Security Posture Management), CWP (Cloud Workload Protection), CIEM (Cloud Infrastructure Entitlement Management), network security, and secure DevOps.
For Hillary Baron, lead author of the Cloud Native Application Protection Platform (CNAPP) Survey Report 2023, it is clear that organizations must find ways to comprehensively address their security posture as multi-cloud environments become increasingly complex.
“32% of organizations are struggling with prioritizing security improvements due to the overwhelming and often incorrect information they receive from alerts” (Cloud Security Alliance)
Adwait Joshi, director of cloud security product marketing at Microsoft, which commissioned the study, points out that many traditional security solutions, such as those mentioned, cannot adequately protect these increasingly dynamic and distributed multi-cloud strategies.
According to the study, in which more than 1,200 IT and security professionals participated, three in four organizations opted to use CNAPPs to protect their multi-cloud environments. Seventy-five percent of surveyed organizations have already integrated CNAPPs into their cloud environments or plan to do so, while 84 percent reported utilizing two or more cloud environments.
“By 2026, 80% of enterprises will have consolidated security tooling for the life cycle protection of cloud native applications to three or fewer vendors, down from an average of 10 in 2022” (Gartner)
The challenges with existing cloud security tooling
Organizations deploy various security tools whose capabilities they find hard to use in a consolidated manner. Prioritizing security improvements is a struggle for 32 percent of organizations due to the overwhelming and often incorrect information they receive from alerts.
In this context of struggles typically related to Cloud Security Posture Management (CSPM), 34 percent of respondents report feeling buried under security recommendations, and a similar percentage say they are missing the insights that would enable them to make informed decisions about all these alerts and recommendations.
In a DevOps security context, integrating security into DevOps practices remains challenging, with 35 percent reporting complete integration. Here, lack of security expertise and insufficient automation are two critical reasons, cited by 46 and 43 percent of respondents, respectively. However, an excessive number of false positives and a lack of actionable feedback are also crucial challenges, at 42 percent each.
Regarding Cloud Workload Protection, the challenges on the level of incident response mainly concern the lack of manpower, automation, and formal response plans.
The most mature of all the categories, network security, still poses challenges to organizations concerning threat detection and managing the large volume of security alerts.
Finally, at the level of Cloud Infrastructure Entitlement Management (CIEM), 43 percent of organizations identified misconfiguration of permissions as their top concern with cloud permissions in a multi-cloud environment.
You can download the full report, entitled “Cloud Native Application Protection Platform Survey Report”, on the CSA website (registration required).
Cloud-native application protection platforms in a nutshell
Cloud-native application protection platforms entered Gartner’s Hype Cycle for Cloud Security for the first time at the end of 2021. At that time, cloud computing security was the fastest-growing segment in the market for information security technology and services, and innovations for remote work and for supporting digital business acceleration were of particular interest, per the research firm.
Gartner defined CNAPPs as ‘an integrated set of security and compliance capabilities designed to help secure and protect cloud-native applications across development and production, consolidating multiple cloud-native security tools and data sources, including container scanning, cloud security posture management, infrastructure as code scanning, cloud infrastructure entitlements management and runtime cloud workload protection platforms’.
The illustration below from Gartner (via one of the several players in the CNAPP market, Palo Alto Networks) provides a graphical overview.
Other CNAPP providers, on top of Palo Alto Networks and Microsoft (sponsor of the CSA survey), include CrowdStrike, Trend Micro, SentinelOne, Sysdig, Sophos, Orca Security, Akamai, Trellix, Check Point, Red Hat, Aqua Security, Broadcom, CloudDefense, and Uptycs. Stay tuned for more.