KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
This KuppingerCole Leadership Compass provides an overview of the Cloud-Native Application Protection Platform (CNAPP) market segment and the vendors in that segment. It covers the trends that are influencing the market, how it is further divided, and the essential capabilities required of solutions designed to protect cloud-native applications across the development and production lifecycle. It also provides ratings of how well these solutions meet our expectations. To better understand the fundamental principles this report is based on, please refer to KuppingerCole’s Research Methodology.
The distinctive feature of CNAPP solutions currently offered by vendors is the integration of several capabilities that were previously offered as standalone products. These most often include Cloud Security Posture Management (CSPM) for identifying vulnerabilities and misconfigurations in cloud infrastructures, Cloud Workload Protection Platforms (CWPP) that deal with runtime protection of workloads deployed in the cloud (such as virtual machines, containers, and Kubernetes, as well as databases and APIs), and Cloud Infrastructure Entitlement Management (CIEM) for centralized management of rights and permissions across (multi-)cloud environments. Cloud Service Network Security (CSNS) is sometimes included as well, combining such capabilities as web application firewalls, secure web gateways, and DDoS protection.
Cloud IaaS is now extensively used to develop and deliver new applications and reengineer existing ones. This is often because cloud services provide an environment for accelerated development without the need for capital expenditure and avoids lengthy procurement delays to obtain hardware. However, security is a shared responsibility for cloud services, and this increases complexity.
While the Cloud Service Providers (CSPs) must take steps to secure the service they provide, it is up to the customer to secure the way they use the service. CNAPP tools are intended to reduce complexity by helping organizations using multiple cloud services to identify and manage the risks for which they have responsibility.
The highlights from this report are: