While cloud adoption has been on the rise for at least a decade, the past two years have pushed that growth into overdrive. Unit 42 Cloud Threat Researchers found that organizations across the globe increased their cloud workloads by more than 20% between December 2019 and June 2020. Moreover, between April and June 2020, cloud security incidents increased by an astounding 188%—and some industries saw increases of more than 400%. The seeming disproportionate rise in security incidents isn't necessarily due to lack of attention. The team also found that cloud spending rose by nearly 30% around the same time frame.
A significant part of the problem is a proliferation of "blind spots" that are, ironically, caused by the point solutions that organizations adopt to secure their clouds. That's why we have been strong proponents of an integrated platform approach to security since our inception. And recently, Gartner released research a new market category that we believe aligns with that same vision, which they are calling Cloud Native Application Protection Platforms (CNAPP).
Here we'll explore why the industry is coalescing around the idea of cloud native security platforms and look at the benefits they offer for organizations of any size.
The approach that many organizations have taken to cloud security involves individual solutions and tools for each issue or functional area the security team is responsible for protecting. While this may solve one problem at a time, other issues consistently emerge as a result.
These are just a few of the examples of challenges organizations face without a comprehensive platform approach to security.
Cloud Native Application Protection Platforms, which we call Cloud Native Security Platforms (CNSPs), integrate and centralize otherwise disparate security functions into a single UI. This approach provides visibility across silos, and ensures security, cloud infrastructure, and DevOps teams can deliver full-stack security. A single platform can protect applications at runtime while also integrating security into development workflows to identify and fix flaws early in the application lifecycle.
As Gartner states, “Cloud-native application protection platforms (CNAPPs) are an integrated set of security and compliance capabilities designed to help secure and protect cloud-native applications across development and production. CNAPPs consolidate many previously siloed capabilities, including:
In the Innovation Insight for Cloud-Native Application Protection Platforms, Gartner shares several recommendations for security and risk management leaders. Here are a few we have chosen to highlight:
At Palo Alto Networks, we believe these recommendations are vital for organizations securing cloud native applications.
With Prisma Cloud, Palo Alto Networks delivers a comprehensive, fully integrated, and best-in-class platform for securing cloud native applications. Our CNSP offers a single user experience and a single set of unified capabilities for securing public clouds, private clouds, and multi-cloud environments.
At runtime, Prisma Cloud offers a defense-in-depth approach by covering the cloud environment, applications within it, and related cloud services and entitlements. To improve overall security outcomes, Prisma Cloud also integrates security into development and DevOps workflows to identify and prevent vulnerabilities and misconfigurations for applications and Infrastructure-as-Code.
We strongly believe that Prisma Cloud maps to Gartner’s Cloud-Native Application Protection Platform category. You can download the complimentary report, and review the full set of recommendations for yourself.
Gartner, Innovation Insight for Cloud-Native Application Protection Platforms, Neil MacDonald, Tom Croll, 25 AUGUST 2021
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Palo Alto Networks.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.