Five things security pros want from CNAPP

According to new research from ESG and the Information Systems Security Association (ISSA), 58% of organizations are consolidating or considering consolidating the number of security vendors they do business with.

Security technology consolidation is bigger than simply winnowing down vendor count.  Organizations are shifting from traditional best-of-breed security technologies to tightly integrated security technology platforms.  The research illustrates this point: While 24% of respondents say their organization tends to continue to purchase best-of-breed security technologies, 38% say they purchase integrated security technology platforms, while 15% are transitioning purchases from best-of-breed products to security technology platforms (note: the remainder responded “don’t know”).

Just what type of capabilities are security professionals looking for in integrated platforms?  In my last post, I described the five things infosec pros most want from XDR.  As part of our research, ESG and ISSA asked about other platforms as well.  Following the pattern established in that earlier post, here are the 5 things security pros want from cloud-native application protection platforms (CNAPP): 

1. Accurate threat detection, 28%. “A high level of threat detection efficacy and accurate alerting.”  Security pros want specific details on cloud-focused cyberattacks, likely presented in a timeline of events.  It’s also probable that they want this information to align with the MITRE cloud matrix.
2. Broad support, 28%. “Support for all types of server and compute platforms” (i.e., virtual machines, containers, serverless, bare metal, etc.).  This aligns with the whole platform vibe—one suite that covers everything.
3. Visibility capabilities, 23%.  “A rich set of visibility capabilities from discovery of vulnerabilities to detecting anomalous activities” that bring traditional cloud security posture management (CSPM) functionality to broader CNAPP solutions with the overall goal to have one platform that covers cloud threats and vulnerabilities.   
4. Preventative controls, 21%. “Preventative controls for hardening and threat protection,” including basic guardrails, automated rules generation, and the ability to detect and remediate drift from secure configurations.
5. Multi-cloud support, 21%. “Support for multiple public cloud infrastructure platforms and data center environments,” including central policy management and monitoring across AWS, Azure, Google, and other public and private clouds.

CNAPP may be an evolving technology, but this list is pretty solid—security practitioners want one cloud security technology platform to cover monitoring and management across all aspects of threat and vulnerability management—the whole enchilada.  My esteemed ESG colleague Melinda Marks is all over this space. 

The ESG/ISSA research report is available for free download here.  More from me soon.