Securing the Cloud with Cloud Native Application Protection Platforms (CNAPPs)

StrategyArchitectureSecurityTechnologyOperations
Written By Franklin Donahoe

This article provides an overview of Cloud Native Application Protection Platforms (CNAPPs). It defines CNAPPs, outlines their core functionalities (including CSPM, CWPP, CIEM, DSPM, KSPM, CDR, IaC Security, API Security, and Artifact Scanning), and discusses their role in multi-cloud environments. The document also compares native CNAPP solutions from major cloud providers (AWS, Azure, GCP), addresses the architectural challenges of implementing CNAPPs, and explores the advantages and disadvantages of adopting this security strategy. It concludes with recommendations for organizations considering CNAPP adoption.

I. Executive Summary

Cloud Native Application Protection Platforms (CNAPPs) have emerged as a critical security domain to safeguard modern cloud environments. The increasing adoption of cloud-native architectures, coupled with the complexities of multi-cloud deployments, has amplified the challenges of securing applications and data. CNAPPs offer a unified approach to address these challenges by integrating various security and compliance capabilities into a single platform. This report delves into the definition of CNAPP, its core functionalities, and how it operates across different cloud providers in multi-cloud scenarios. It also explores the distinctions between native CNAPP solutions offered by major cloud providers, the architectural hurdles in implementing CNAPPs, and the inherent advantages and disadvantages of adopting this security strategy. Ultimately, this report underscores the significance of CNAPPs in navigating the evolving cloud security landscape and provides a comprehensive understanding for technology decision-makers and security professionals.

II. Introduction to CNAPP

  • Defining CNAPP:
    A Cloud Native Application Protection Platform (CNAPP) represents a holistic and integrated security solution meticulously crafted to protect cloud-native applications throughout their entire lifecycle, commencing from the initial stages of development and extending through to their deployment and operational phase in production 1. This unified platform plays a pivotal role in simplifying the intricate landscape of cloud security by seamlessly incorporating a multitude of security and compliance functionalities into a singular, cohesive software solution 2. The term CNAPP was first introduced by Gartner in 2021, recognizing the industry's need for an all-encompassing platform that could effectively prevent, detect, and respond to the burgeoning array of cloud security threats 4. The advent of CNAPP signifies a crucial paradigm shift from the traditional approach of utilizing disparate, siloed security tools to a more consolidated strategy that offers enhanced visibility and centralized control over cloud security 4. This evolution acknowledges the limitations of isolated tools in adequately addressing the comprehensive security requirements of today's complex and distributed cloud-native applications.
    The emergence of CNAPP signifies a notable advancement in the cloud security domain, reflecting a deeper understanding of the limitations inherent in managing cloud security with a collection of separate tools. Initially, organizations addressed cloud security by adapting existing on-premises security tools or by deploying point solutions that targeted specific cloud components. However, as cloud adoption accelerated and applications became increasingly intricate and spread across multiple services, the inefficiencies of this fragmented approach became evident. Managing numerous tools led to operational overhead, inconsistencies in security policies, and gaps in visibility, ultimately increasing the risk of security breaches. The concept of CNAPP arose from the recognition that a unified platform, capable of providing an end-to-end view of security across the entire application lifecycle, was essential to effectively protect modern cloud environments.

  • Origins and Driving Forces:
    CNAPPs have become essential due to the escalating complexity of securing applications deployed in multi-cloud environments, where organizations often utilize services from various cloud providers 3. The need for a consistent security posture across these diverse platforms is a primary driver for CNAPP adoption. Furthermore, the proliferation of cloud-native architectures, characterized by the use of containers, microservices, and serverless computing, has created new security challenges that traditional security tools are ill-equipped to handle 6. CNAPPs are specifically designed to address the dynamic and ephemeral nature of these environments. A critical aspect of modern application development is the integration of security practices into the DevOps lifecycle, often referred to as DevSecOps, and the principle of "shifting left," which advocates for incorporating security early in the development process 3. CNAPPs facilitate this integration by offering tools and capabilities that can be embedded within the continuous integration and continuous delivery (CI/CD) pipeline. This helps to bridge the traditional gap between development, operations, and security teams, fostering better collaboration and ensuring that security is a shared responsibility throughout the application lifecycle 3.
    The shift towards cloud-native architectures introduced a paradigm where applications are built and deployed in a highly distributed and dynamic manner. Traditional security tools, often designed for monolithic applications running on static infrastructure, struggled to provide adequate protection in these new environments. Containers, for instance, are lightweight and ephemeral, requiring security solutions that can monitor and protect them in real time as they are created, scaled, and destroyed. Similarly, microservices architectures, with their numerous independent components, demand a security approach that can provide granular visibility and control across the entire application landscape. The concept of "shifting left" emerged as a best practice to address these challenges by embedding security considerations early in the software development lifecycle, rather than treating it as an afterthought. CNAPPs play a crucial role in enabling this shift by providing developers with tools to identify and remediate security vulnerabilities in their code and infrastructure configurations before they are deployed to production. This proactive approach not only reduces the risk of security breaches but also improves the efficiency of the development process by addressing issues earlier when they are less costly and time-consuming to fix.

III. Core Capabilities of a CNAPP

  • Key Components and Functionalities:
    A CNAPP typically encompasses a range of integrated security capabilities designed to provide comprehensive protection for cloud-native applications. These core components work in concert to offer a unified security posture across the entire application lifecycle 2.

  • Cloud Security Posture Management (CSPM): Cloud Security Posture Management (CSPM) is a fundamental component of a CNAPP, serving as a software solution meticulously designed to detect, prevent, and remediate misconfigurations within cloud environments 2. These misconfigurations can inadvertently lead to the exposure of valuable cloud resources and create potential security incidents. Beyond mere detection, CSPM solutions play a crucial role in ensuring that all cloud resources and activities strictly adhere to established industry regulations and compliance mandates 2. In instances where a resource is found to be non-compliant, security teams receive timely alerts, enabling them to promptly address the identified issues. CSPM's utility extends beyond visibility and alerts; it also provides guided or even automated remediation capabilities, effectively closing security gaps and maintaining golden standards for a robust security posture. Moreover, CSPM can be leveraged for comprehensive security risk analysis and ongoing monitoring, as well as for efficient incident response in the event of detected threats. Integrating CSPM scanning into the DevOps CI/CD pipeline further enhances security by ensuring that new Infrastructure-as-Code (IaC) definitions align with established cloud identity and access management policies 2.

  • Cloud Workload Protection Platform (CWPP): A Cloud Workload Protection Platform (CWPP) is an essential component of a CNAPP, providing runtime security for workloads deployed across various environments, including virtual machines (VMs), containers, and serverless functions 4. CWPP solutions offer critical capabilities in real-time threat detection and response, enabling organizations to identify and mitigate security threats as they occur 4. This is particularly important in the context of cloud-native applications, where workloads can be dynamic and ephemeral, scaling up and down rapidly in response to demand 5. CWPP ensures that these workloads remain protected throughout their lifecycle, providing visibility and control even as they change.

  • Cloud Infrastructure Entitlement Management (CIEM): Cloud Infrastructure Entitlement Management (CIEM) focuses on managing identity and access permissions within multi-cloud environments, adhering to the fundamental security principle of least privilege 3. By ensuring that users and services have only the necessary permissions to perform their designated tasks, CIEM plays a crucial role in preventing unauthorized access to sensitive cloud resources and mitigating the risk of data breaches 3.

  • Data Security Posture Management (DSPM): Data Security Posture Management (DSPM) provides organizations with essential visibility into how data is being used and classified across multiple cloud environments 3. A key function of DSPM is to prevent sensitive data from being inadvertently or maliciously leaked, ensuring that data is appropriately protected and handled in accordance with security policies and regulatory requirements.

  • Kubernetes Security Posture Management (KSPM): Kubernetes Security Posture Management (KSPM) is specifically designed to maintain and enforce security best practices for container orchestration platforms such as Kubernetes 3. Given the increasing adoption of Kubernetes for deploying and managing cloud-native applications, KSPM is a critical capability within a CNAPP, ensuring that Kubernetes clusters and the applications running on them are securely configured and protected from potential threats.

  • Cloud Detection and Response (CDR): Cloud Detection and Response (CDR) offers advanced capabilities for threat detection, incident response, and continuous monitoring specifically tailored for cloud environments 3. CDR solutions within a CNAPP leverage cloud-native security controls to gain real-time visibility into cloud assets, configurations, and activities, enabling organizations to quickly identify and respond to security incidents.

  • Infrastructure-as-Code (IaC) Security: Infrastructure-as-Code (IaC) security involves the practice of scanning IaC templates, which are used to define and provision cloud infrastructure, for misconfigurations and vulnerabilities early in the software development lifecycle 2. By identifying and addressing security issues in the IaC phase, organizations can prevent insecure infrastructure from being deployed, thereby reducing the attack surface and improving overall cloud security.

  • API Security: Given that APIs serve as the connective tissue in cloud-native environments, API security is a crucial aspect of a CNAPP 5. This includes capabilities for automatic API discovery and inventory, threat protection against API-specific attacks such as injection attacks and unauthorized access, and API governance and compliance to ensure that APIs adhere to organizational security policies and regulatory requirements.

  • Artifact Scanning: CNAPPs typically offer the capability to scan various artifacts, such as container images and code repositories, for known vulnerabilities, misconfigurations, and other security risks 2. This proactive approach helps to identify and address security issues before applications are deployed into production.

CNAPPs frequently integrate advanced technologies such as artificial intelligence (AI) and machine learning (ML) to enhance their capabilities in real-time threat detection, anomaly detection, and the critical task of risk prioritization 3. Furthermore, a unified dashboard serves as a central hub, providing security teams with comprehensive visibility and management capabilities across all connected cloud environments 2.The convergence of these diverse security functionalities within a single platform distinguishes a CNAPP, facilitating a holistic and context-aware approach to cloud security. This level of integration was previously challenging to achieve when relying on a collection of disparate security tools. The ability of a CNAPP to correlate information from various security layers, identify intricate attack pathways, and provide a comprehensive understanding of the overall risk landscape underscores its value in modern cloud security. This integrated perspective empowers organizations to prioritize and remediate security issues more effectively, ultimately strengthening their cloud security posture.

IV. CNAPP in Multi-Cloud Environments

  • Unified Security Across Diverse Platforms:
    CNAPPs are specifically engineered to deliver consistent security and compliance measures across a diverse range of cloud environments, encompassing public, private, and hybrid deployments 2. This capability allows organizations to achieve comprehensive visibility into their multi-cloud data estate, providing a unified view of their security posture regardless of the underlying cloud infrastructure 2. By simplifying the processes of monitoring, detecting, and remediating potential threats across these varied environments, CNAPPs significantly enhance an organization's ability to maintain a strong security stance 1. Furthermore, the consolidation of multiple security tools into a single CNAPP solution helps to reduce complexity and operational overhead, streamlining security management for organizations operating in multi-cloud scenarios 2.
    The increasing prevalence of multi-cloud strategies among organizations underscores the critical need for security solutions that can operate seamlessly across different cloud providers. Organizations often adopt this approach to enhance flexibility, avoid dependence on a single vendor, optimize costs by leveraging the specific pricing models of different providers, or access specialized services offered by various cloud platforms. However, this multi-cloud reality introduces significant complexities in managing security. Each cloud provider has its own unique set of security services, policies, and configurations, which can lead to inconsistencies and gaps in an organization's overall security posture if managed separately. CNAPPs address this challenge by providing a centralized platform that offers a unified view of security risks and enables the consistent enforcement of security policies across all connected cloud environments. This unified approach simplifies security operations, reduces the likelihood of misconfigurations due to the need to manage multiple cloud-specific security tools, and ultimately strengthens the organization's ability to protect its applications and data in a multi-cloud world.

V. Interoperability Across Cloud Providers

  • Working Across Cloud Instances with Different Native Solutions:
    While major cloud providers offer their own suite of native security services, third-party CNAPP vendors develop their platforms with the specific intention of integrating seamlessly with and providing a unified security layer that operates effectively across these diverse native solutions 13. A key enabler of this interoperability is the use of standardized Application Programming Interfaces (APIs) and pre-built integrations. These mechanisms allow CNAPPs to efficiently collect security-relevant data from different cloud platforms and to enforce security policies in a consistent manner, abstracting away some of the underlying complexities of each cloud provider 5. Many CNAPPs offer a choice of deployment models, including agent-based approaches, where software agents are installed on cloud workloads to gather detailed information, and agentless approaches, which leverage cloud provider APIs to collect necessary context without requiring on-instance agents 5. The overarching goal of these platforms is to provide cloud-agnostic security, meaning that the security strategy and its implementation remain consistent regardless of the specific cloud provider being used 17. For instance, a CNAPP can offer a single, consolidated view of an organization's security posture, highlighting prioritized risks and automating compliance reporting across environments hosted on AWS, Azure, and GCP 2.
    While native cloud security solutions are typically optimized for the specific intricacies and services of their respective cloud environments, organizations that have adopted a multi-cloud strategy often find significant value in deploying a third-party CNAPP. These platforms offer a unified management interface and a consistent set of security controls that can be applied across all their cloud deployments. This approach reduces the operational burden of having to learn and manage the nuances of each individual cloud provider's security offerings. By providing a single pane of glass for security management, CNAPPs enable security teams to enforce policies uniformly, gain a holistic understanding of the risks across their entire cloud footprint, and streamline security operations, irrespective of where their applications and data are hosted. This interoperability is crucial for maintaining a strong and consistent security posture in today's heterogeneous cloud landscape.

VI. Differences Between Cloud Providers and CNAPP

  • Variations in Native CNAPP Solutions:
    Major cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) have developed their own native security services that align with the core principles of a CNAPP, offering integrated capabilities for cloud security posture management, workload protection, and more 4. However, there are notable differences in their features, functionalities, and the extent of their multi-cloud support.

  • AWS: AWS offers AWS Security Hub, a cloud security posture management service designed to automate continuous security best practice checks against AWS resources 23. It excels at aggregating security alerts from various AWS services and partner solutions into a standardized format, providing a centralized view of the security state within the AWS ecosystem 23. While primarily focused on AWS, Security Hub does offer some capabilities for managing security data from hybrid and multi-cloud environments through integrations with other AWS services and third-party tools 38.

  • Azure: Microsoft provides Microsoft Defender for Cloud, a comprehensive and unified CNAPP platform that extends its security capabilities across Azure, AWS, and GCP 4. Defender for Cloud offers a broad range of features, including cloud security posture management (CSPM), cloud workload protection platform (CWPP), cloud infrastructure entitlement management (CIEM), and security for DevOps environments 4. It benefits from deep integration with other Microsoft security services and provides strong support for hybrid cloud scenarios through Azure Arc 14.

  • GCP: Google Cloud Platform offers Google Cloud Security Command Center, a native security and risk management service designed to help organizations strengthen their security posture in GCP 30. Notably, the Enterprise tier of Security Command Center provides multi-cloud support, extending its capabilities to include AWS and Azure environments 30. GCP's offering emphasizes threat detection, security posture management, and compliance monitoring, leveraging the expertise of Mandiant and the power of Gemini AI to enhance its threat intelligence and analysis capabilities 30.

While these native solutions offer robust security within their respective cloud platforms and are increasingly extending their reach to multi-cloud environments, organizations may still choose to adopt third-party CNAPPs. This decision can be driven by the need for broader coverage across a larger number of cloud providers, access to specific features or functionalities not available in the native offerings, or a preference for vendor neutrality in their security strategy 13.The major cloud providers are clearly acknowledging the critical role of integrated cloud security platforms and are actively developing their own services to meet this demand, aligning with the CNAPP framework. However, the specific features, the depth of those features, and the level of support for multi-cloud environments can vary significantly among these native solutions. This variation is a key factor that organizations must consider when deciding between leveraging native CNAPP-like services and opting for third-party platforms to secure their cloud-native applications.

VII. Architectural Challenges of Implementing CNAPP

  • Technical and Organizational Hurdles:
    The implementation of a CNAPP can present several architectural challenges for organizations. Integrating a new security platform with existing cloud infrastructure, which may span multiple providers, and with the organization's current suite of security tools can be a complex undertaking 2. A significant hurdle is the presence of data silos. Effective analysis and correlation of security information across different cloud providers require a unified data model, which can be difficult to achieve given the disparate formats and storage mechanisms used by each provider 2. Managing and enforcing consistent security policies across diverse cloud environments poses another challenge. Each cloud provider has its own unique configurations, compliance requirements, and policy frameworks, which can complicate the task of establishing and maintaining a uniform security posture 3.
    Furthermore, the potential for alert fatigue is a considerable concern. If a CNAPP generates a large volume of alerts, especially those that are not effectively prioritized or lack sufficient context, security teams can become overwhelmed, potentially leading to critical alerts being missed 2. Therefore, the integration of robust risk prioritization mechanisms and comprehensive threat intelligence is crucial for a CNAPP's effectiveness. Successful CNAPP implementation necessitates careful planning and a thorough evaluation to ensure that the chosen solution aligns precisely with the organization's specific security needs and integrates smoothly with existing operational workflows 2. This process requires the active involvement and collaboration of security, cloud platform, and development teams to ensure alignment and address potential integration issues proactively 3. Finally, organizations must also consider the potential performance impact associated with deploying CNAPP agents on their cloud workloads or utilizing agentless scanning methods, ensuring that security measures do not inadvertently create resource bottlenecks or negatively affect application performance 5.
    While CNAPPs offer the promise of simplified cloud security management, their implementation is not without its complexities. The need to integrate a new platform into an often intricate and already established cloud environment, coupled with the challenges of ensuring data compatibility and policy consistency across different cloud providers, demands careful consideration and planning. Additionally, the effectiveness of a CNAPP is highly dependent on its ability to provide meaningful and actionable insights without overwhelming security teams with excessive or irrelevant alerts. Addressing these architectural challenges is paramount for organizations seeking to leverage the full potential of a CNAPP to enhance their cloud security posture.

VIII. Pros and Cons of CNAPP

  • Advantages of Adopting a CNAPP Approach:
    Adopting a Cloud Native Application Protection Platform (CNAPP) offers numerous advantages for organizations seeking to enhance their cloud security posture. CNAPPs provide a centralized security framework that ensures consistent protection across various cloud platforms, thereby reducing vulnerabilities and improving overall security resilience 2. Furthermore, they improve compliance by automating the monitoring and reporting processes required to adhere to regulatory standards, minimizing the risk of non-compliance penalties 2. Operational efficiency is also significantly increased as CNAPPs streamline security processes through automation, allowing security teams to redirect their focus towards more strategic initiatives 2. CNAPPs enhance visibility and provide crucial context by offering a consolidated view of risks and accurate information, which enables security teams to respond rapidly to threats and make well-informed decisions 2. By integrating multiple security tools into a single platform, CNAPPs reduce complexity and overhead associated with managing disparate solutions 2. Moreover, they improve the productivity of developers and DevOps teams by identifying misconfigurations and potential threats early in the CI/CD pipeline 2. CNAPPs facilitate faster risk remediation by offering automated or guided workflows to address identified security issues 2. Finally, by preventing security breaches and minimizing downtime, CNAPPs can contribute to cost optimization and may also lead to reduced overall security tool costs through the consolidation of functionalities 2.
    Despite the numerous benefits, there are also potential disadvantages and limitations associated with implementing and managing CNAPP solutions. The initial implementation can be complex, requiring careful planning, configuration, and integration with the organization's existing cloud infrastructure and security ecosystem 2. There is also a risk of alert fatigue if the CNAPP is not properly tuned and generates a high volume of unprioritized or false positive alerts, which can overwhelm security teams and potentially lead to the overlooking of genuine threats 2. Choosing a specific CNAPP vendor might lead to vendor lock-in, potentially limiting flexibility in the future 47. The cost of implementing and managing a comprehensive CNAPP solution can be significant, particularly for large and intricate cloud environments 25. Security and DevOps teams may face a learning curve as they become familiar with a new CNAPP platform and its features 4. Ensuring seamless integration with all existing security tools and workflows can also present challenges and might necessitate custom configurations 2. Given that the CNAPP market is still relatively new and evolving, the maturity and capabilities of different vendor offerings can vary considerably 4. Finally, like any security technology, CNAPPs are not immune to generating false positives, which require time and resources to investigate and resolve 8.
    While the advantages of adopting a CNAPP approach are substantial and address critical needs in cloud security, organizations must carefully consider these potential drawbacks and limitations. A thorough evaluation of their specific requirements, existing infrastructure, and the various CNAPP solutions available is essential to determine the most suitable approach for their unique circumstances.

IX. Conclusion and Recommendations

Cloud Native Application Protection Platforms (CNAPPs) represent a significant evolution in the realm of cloud security, offering a unified and proactive strategy to address the multifaceted challenges of protecting cloud-native applications, especially within complex multi-cloud environments. The integration of diverse security capabilities into a single platform provides organizations with enhanced visibility, improved operational efficiency, and a stronger security posture throughout the application lifecycle.

For organizations considering the adoption of a CNAPP, several key recommendations should be taken into account. Begin by thoroughly assessing your current cloud security posture to identify existing gaps and vulnerabilities 12. Clearly define the specific security requirements and objectives you aim to achieve with a CNAPP solution. Conduct a comprehensive evaluation of various CNAPP vendors and their offerings, paying close attention to factors such as the breadth of coverage, the depth of features, integration capabilities with your existing toolchain, and the overall cost 12. Prioritize selecting a comprehensive and mature solution that adequately supports your specific multi-cloud environment and the types of artifacts you need to protect 4. Develop a detailed plan for integrating the chosen CNAPP with your existing security tools and DevOps pipelines to ensure seamless operation 2. Recognize the importance of change management and invest in providing adequate training for both security and development teams to ensure effective utilization of the new platform 4. Embrace a DevSecOps culture by embedding security considerations into the earliest stages of the application development process, leveraging the capabilities of the CNAPP to "shift left" 3. Continuously monitor and optimize the CNAPP's configuration to minimize alert fatigue and maximize its effectiveness in identifying and responding to genuine threats 2. Finally, establish a process for regularly reviewing and updating your CNAPP strategy to adapt to the ever-evolving threat landscape and any changes in your cloud infrastructure 4.

In conclusion, CNAPPs represent a critical advancement in the field of cloud security. By offering a unified and proactive approach to safeguarding cloud-native applications in today's increasingly complex multi-cloud world, they empower organizations to navigate the evolving threat landscape with greater confidence and resilience.

Works cited

1. www.crowdstrike.com, accessed March 20, 2025, https://www.crowdstrike.com/en-us/cybersecurity-101/cloud-security/cloud-native-application-protection-platform-cnapp/#:~:text=What%20is%20CNAPP%20(cloud%2Dnative,cloud%20security%20threats%20and%20vulnerabilities.

2. What is CNAPP (cloud-native application protection platform)? - CrowdStrike, accessed March 20, 2025, https://www.crowdstrike.com/en-us/cybersecurity-101/cloud-security/cloud-native-application-protection-platform-cnapp/

3. What is a Cloud Native Application Protection Platform (CNAPP)? - Check Point Software, accessed March 20, 2025, https://www.checkpoint.com/cyber-hub/cloud-security/what-is-a-cloud-native-application-protection-platform-cnapp/

4. What Is a CNAPP? | Microsoft Security, accessed March 20, 2025, https://www.microsoft.com/en-us/security/business/security-101/what-is-cnapp

5. What Is CNAPP? - Palo Alto Networks, accessed March 20, 2025, https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-native-application-protection-platform

6. FAQs & Resources: Cloud-Native Application Protection Platform (CNAPP)? - Qualys, accessed March 20, 2025, https://www.qualys.com/faq-cloud-native-application-protection-platform/

7. What is a CNAPP? - Sysdig, accessed March 20, 2025, https://sysdig.com/learn-cloud-native/what-is-a-cloud-native-application-protection-platform-cnapp/

8. What Is a Cloud Native Application Protection Platform (CNAPP)? Components, Challenges and Benefits - Aqua Security, accessed March 20, 2025, https://www.aquasec.com/cloud-native-academy/cnapp/what-is-cnapp/

9. What is CNAPP? Cloud Security Simplified for Modern Workloads, accessed March 20, 2025, https://fidelissecurity.com/cybersecurity-101/cloud-security/what-is-cnapp/

10. How to Secure Cloud-Native Applications in Hybrid and Multi-Cloud Environments?, accessed March 20, 2025, https://www.ilink-digital.com/insights/blog/how-to-secure-cloud-native-applications-in-hybrid-and-multi-cloud-environments/

11. What is CNAPP (Cloud-Native Application Protection Platform)? - SentinelOne, accessed March 20, 2025, https://www.sentinelone.com/cybersecurity-101/cloud-security/what-is-a-cnapp/

12. CNAPP, the (r)evolution of cloud security - Eviden, accessed March 20, 2025, https://eviden.com/insights/blogs/evolution-of-cloud-security-with-cnapp/

13. The Open-Source CNAPP Toolkit | Wiz, accessed March 20, 2025, https://www.wiz.io/academy/open-source-cnapp-tools

14. Understanding Microsoft CNAPP: How Defender for Cloud Secures Your Multicloud Workloads - baseVISION AG, accessed March 20, 2025, https://www.basevision.ch/understanding-microsoft-cnapp-how-defender-for-cloud-secures-your-multicloud-workloads/

15. Cloud Native Application Protection Platform (CNAPP) - Orca Security, accessed March 20, 2025, https://orca.security/platform/cnapp-cloud-security-platform/

16. Cloud Security Alliance Survey Finds Complexity of Multi-cloud | CSA, accessed March 20, 2025, https://cloudsecurityalliance.org/press-releases/2023/08/24/cloud-security-alliance-survey-finds-complexity-of-multi-cloud-environments-driving-use-of-cloud-native-application-protection-platforms

17. The Ultimate Buyer's Guide to Cloud-Native Application Protection Platforms (CNAPP) - Check Point, accessed March 20, 2025, https://checkpoint.com/kr/downloads/resources/ultimate-cloud-security-cnap-buyers-guide.pdf

18. Harnessing CNAPP: A Guide to Understanding and Implementing Cloud Security RACE, accessed March 20, 2025, https://race.reva.edu.in/race-lab/harnessing-cnapp

19. Cloud Native Application Protection Platform (CNAPP) - Rapid7, accessed March 20, 2025, https://www.rapid7.com/fundamentals/what-is-cloud-native-application-protection-platform-cnapp/

20. From plan to deployment: Implementing a cloud-native application protection platform (CNAPP) strategy - Microsoft, accessed March 20, 2025, https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/Implementing-A-Cloud-Native-Application-Protection-Strategy-Ebook.pdf

21. CNAPP Solutions: Choosing the Right One in 2025 - SentinelOne, accessed March 20, 2025, https://www.sentinelone.com/cybersecurity-101/cloud-security/cnapp-solutions/

22. CloudGuard Native Application Protection - Check Point Software, accessed March 20, 2025, https://www.checkpoint.com/cloudguard/cnapp/

23. Cloud Security Posture Management – AWS Security Hub FAQs – Amazon Web Services, accessed March 20, 2025, https://aws.amazon.com/security-hub/faqs/

24. Cloud Security Posture Management - AWS Security Hub, accessed March 20, 2025, https://aws.amazon.com/security-hub/

25. Microsoft Defender for Cloud pricing, accessed March 20, 2025, https://azure.microsoft.com/en-us/pricing/details/defender-for-cloud/

26. Microsoft Defender for Cloud | Microsoft Security, accessed March 20, 2025, https://www.microsoft.com/en-us/security/business/cloud-security/microsoft-defender-cloud

27. Microsoft Defender for Cloud - CSPM & CWPP, accessed March 20, 2025, https://azure.microsoft.com/en-us/products/defender-for-cloud

28. Microsoft Defender for Cloud Overview, accessed March 20, 2025, https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-cloud-introduction

29. What is multicloud security? - Microsoft, accessed March 20, 2025, https://www.microsoft.com/en-us/security/business/security-101/what-is-multicloud-security

30. Security Command Center | Google Cloud, accessed March 20, 2025, https://cloud.google.com/security/products/security-command-center

31. Security Command Center overview | Google Cloud, accessed March 20, 2025, https://cloud.google.com/security-command-center/docs/security-command-center-overview

32. Go beyond multi-cloud CNAPP with Security Command Center Enterprise - YouTube, accessed March 20, 2025, https://www.youtube.com/watch?v=g3pJJbGbkQg

33. Making Sense of CNAPP - United States Cybersecurity Magazine, accessed March 20, 2025, https://www.uscybersecurity.net/csmag/making-sense-of-cnapp/

34. 15 CNAPP Best Practices to Implement Today - Checkmarx, accessed March 20, 2025, https://checkmarx.com/learn/code-to-cloud-security/cnapp-best-practices/

35. What's New in Security Command Center? - Google Cloud Community, accessed March 20, 2025, https://www.googlecloudcommunity.com/gc/Security-Command-Center/What-s-New-in-Security-Command-Center/m-p/818726

36. The Five Key Benefits of CNAPP: How It Helps to Protect Cloud Workloads, accessed March 20, 2025, https://cloudsecurityalliance.org/articles/the-five-key-benefits-of-cnapp-how-it-helps-to-protect-cloud-workloads

37. Cloud-Native Security: 4 C's and 5 Strategies - Tigera, accessed March 20, 2025, https://www.tigera.io/learn/guides/cloud-native-security/

38. Multicloud Solutions – Multi-cloud Management and Strategy - AWS, accessed March 20, 2025, https://aws.amazon.com/hybrid-multicloud/

39. Cloud-Native vs. Cloud Agnostic Design: What's the Difference? | Synopsys Blog, accessed March 20, 2025, https://www.synopsys.com/blogs/chip-design/cloud-native-vs-cloud-agnostic.html

40. Security Command Center Enterprise - Journey Overview - Google Cloud Community, accessed March 20, 2025, https://www.googlecloudcommunity.com/gc/SCC-Enterprise/Security-Command-Center-Enterprise-Journey-Overview/ta-p/853206

41. AWS Security Hub Overview and Demo, accessed March 20, 2025, https://aws.amazon.com/awstv/watch/82c6d91c1e4/

42. AWS Security Hub - AWS Documentation, accessed March 20, 2025, https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html

43. AWS Marketplace: Cloud-Native Application Protection Program, accessed March 20, 2025, https://aws.amazon.com/marketplace/pp/prodview-ospetmksmgfru

44. AWS Marketplace: Infinity Global Services, Managed CSPM and CNAPP Platforms, accessed March 20, 2025, https://aws.amazon.com/marketplace/pp/prodview-sobmzhsbuhqsy

45. What is Multi-Cloud Management? - CrowdStrike, accessed March 20, 2025, https://www.crowdstrike.com/en-us/cybersecurity-101/cloud-security/multi-cloud-management/

46. What are the Challenges to Multi-Cloud Management? - nOps, accessed March 20, 2025, https://www.nops.io/blog/what-are-the-challenges-to-multi-cloud-management/

47. What is Multi Cloud Security? Benefits, Challenges, and Strategies | Wiz, accessed March 20, 2025, https://www.wiz.io/academy/multi-cloud-security

Franklin Donahoe
Previous

Modernizing Network Infrastructure for the Age of Artificial Intelligence
Next

Analysis of the KnowBe4 Insider Threat Incident and Strategies for Defending Against Advanced Social Engineering Attacks