Cloud-native application protection platforms (CNAPPs) have emerged as a popular solution for DevOps and SecOps looking to consolidate once-siloed cloud security and management solutions. Understanding the drivers and capabilities behind the CNAPP phenomena may help you maximize the good, minimize the bad, and manage the ugly when it comes to building and maintaining your cloud security strategy.
- The Good: Conceptually, CNAPPs consolidate many previously siloed solutions, such as container security (CS), cloud workflow protection (CWP), cloud security posture management (CSPM), and more.
- The Bad: While CNAPP solutions seek to simplify cloud infrastructure and security, their ability to provide harmonious security is not uniform from vendor to vendor. It's important to understand what kind of vendor you're looking at to minimize the bad.
- The Ugly: The ugly stems from the fact that cloud scalability and security demands often have seemingly conflicting implications for the corresponding teams that manage each need. On the one hand, you have CTOs and DevOps; on the other, SecOps and the CISO.