What is a CNAPP? (Cloud Native Application Protection Platform)

A cloud native application protection platform (CNAPP) is a cloud-native software platform that simplifies cybersecurity operations, combining multiple tools and capabilities into a single software solution to reduce complexity. CNAPP’s offer a modern end-to-end cloud and application security solution, addressing industrywide needs such as security monitoring, posture management and breach prevention.

While all CNAPP solutions provide cloud application security tools, specific features are typically vendor specific. The most common CNAPP features include:

Cloud Security Posture Management (CSPM)

A software solution designed to detect, prevent, and fix cloud resource exposure.

Infrastructure-as-Code (IAC) Scanning

An automated process used to scan configuration files and code for vulnerabilities and misconfiguration.

Cloud Workload Protection Platform (CWPP)

A software platform that outlines security corrections for an array of workloads such as virtual machines, APIs, and Kubernetes.

Cloud Service Network Security (CSNS)

A set of solutions to protect cloud infrastructure in real time, like web application firewalls (WAF), DDOS protection, and web application protection (WAP).

Kubernetes Security Posture Management (KSPM)

A solution to automate and manage security for Kubernetes containers with tools for scanning, monitoring, and benchmarking.

Cloud Infrastructure Entitlement Management (CIEM)

A management solution that tracks permissions across multi cloud environments, reporting unnecessary access configurations.

Why are CNAPPs important?

CNAPP became a popular buzzword among cybersecurity professionals in 2021, following Gartner’s Innovation Insight for Cloud-Native Application Protection Programs report, in which the company encouraged leaders to evaluate the emerging solution.

During an episode of “What’s That? With Prisma Cloud,” Steve Giguere Developer Advocate for Bridgecrew by Palo Alto Networks said, “Development teams evolving from classic to cloud native app development almost always outpace security. Meanwhile cloud security teams struggle to apply new tools and technologies every time a new security risk is highlighted.” He asserted. “In response security needs to shift left to ensure that cloud native vulnerabilities are identified and remediated as soon as possible in the development process.”

CNAPP top vendors

According to Gartner rankings the top vendors of CNAPPs include:

Palo Alto, Sysdig, Wiz, Orca Security, Lacework, CrowdStrike and Microsoft.

Read more cloud Explainers here.