We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and where cloud misconfigurations are occurring. It also has a very sophisticated GUI and is very easy to use.
Prisma Cloud is a powerful tool with many valuable features. Some of these include:
Policy guidance: Prisma Cloud comes prepackaged with very accurate policies. These policies provide good guidance as to why the policy was created, as well as information on how to remediate anything that violates the policy.
Cloud network monitoring and scanning: Prisma Cloud scans the overall architecture of our AWS network to identify open ports and other vulnerabilities, and then it highlights them for us. It scans our containers in real time even as they are being created. Prisma Cloud scans the container repository where the images are built, and notifies us if it sees vulnerabilities, or if we should update code before deployment. The system is also constantly scanning for vulnerabilities in the containers that we already have running in production.
Alerts: Prisma also has a very advanced alerting system. When it sends us an alert notifying us that there is a problem, it gives us a detailed explanation in the alert, explaining what needs to be done in order to remediate the problem. Prisma Cloud has excellent AI. It always suggests a way to actually resolve and apply the correct settings, in line with a given standard. There's almost no thinking necessary for the user. It's always on-point and it's as if it offers up the specific criteria and runbooks to resolve vulnerabilities. This feature really helps reduce alert investigation times and prevents a lot of security issues.
Built-in reports: Prisma Cloud has excellent reporting capabilities. It allows you to automate how frequently you want reports to be generated. The reports indicate if there has been any improvement or reduction in vulnerabilities over a certain time period. You can also get a snapshot of specific times in history. It can be over a 24-hour period, a number of days, or a month, to determine what the network looked like at a certain point in time and generate reports from that. In addition to that, Prisma Cloud also can display a snapshot of your defined priorities for threat mitigation, such as identity access management, key rotation, or secrets management. Prisma Cloud can also create a report for you with explanations on how to remediate any vulnerabilities it detects.
Integration for event handling: Another useful feature is Prisma Cloud’s dynamic events. You can generate dynamic events and have them sent to Slack or JIRA. IT can then look at what that specific event was and also receive information on how to remediate it.
Flexible pricing: The price is fair. We receive discounts at the end of the year based on the value that it brings.
One improvement I would like to see would be the ability to customize the interface. This might not bother all users, since there is an API that can be used to create more independent systems.
Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
Hello peers,
I am a CISO at a medium-sized computer software company.
I am currently researching the best CNAPP solution. What CNAPP solution do you recommend for a hybrid cloud? Why do you recommend that specific solution?
Thank you for your help.
Hello Bulat,
Gartner coined the term CNAPP, and they defined 3 main areas of capabilities. The first one is artifact scanning which spans SAST/DAST tools, software composition analysis, code repository scanning, and others. This area mainly focuses on shift left security capabilities that go as upstream as possible within the application development lifecycle (code, build, deploy, run) and provide scanning capabilities for application code among other things. The goal of these capabilities is to identify and remediate any issues in code before applications reach production as the risk increases 100-fold once code gets deployed at scale. The second area is cloud configurations that closely follow the usage of cloud infrastructures and platforms and define security solutions areas covering infra as code templates, infra entitlements and identity management, and cloud security posture management. This part of security largely addresses data security and permissions in the cloud as a top concern today. The third area of CNAPP is runtime application protection which has little to do with the cloud and a lot to do with application development. App dev took a turning point in 2013 or so which gave birth to modern app sec solutions. That turning point is when microservices and containers went on a path to becoming mainstream.
Generally speaking, there are three distinct areas of CNAPP today: cloud, application, and network security. If you are a heavy user of the public cloud, you will want to have clear visibility, compliance, and governance of your cloud assets. You will want to protect your data, manage cloud identities, and prevent drifts in your IaC templates. If you have a large footprint of cloud-native applications, you use containers, and have many workloads spanning your hybrid and distributed environment, then you will need visibility and vulnerability management to map your environment and calculate the risk your workloads carry, such as how many workloads you have, which ones host web applications and API endpoints, whether you have ingress ports open, and whether your sensitive data is exposed either via an API or a public-facing workload. Lastly, the network security area covers network segmentation and east-west protections, helping you address the lateral spread of attacks, to name a few.
Your CNAPP solution will depend on what areas are your top concerns. Prisma Cloud by Palo Alto Networks offers CNAPP capabilities across many of the areas defined by Gartner. You can check it out here: https://www.paloaltonetworks.com/prisma/cloud There is also a free trial that includes your security risk assessment.
Best of luck and feel free to follow up.
After sifting through all the different options to find the Cloud-Native Application Protection Platform (CNAPP) that would offer the highest level of value, I feel that Prisma Cloud by Palo Alto Networks is the solution that beats out its competitors. If I were asked to offer a recommendation, I would say that this is the best possible investment for those looking to acquire a cloud-native application protection platform.
The sheer versatility and power of the tools and features that Prisma Cloud offers users is what drew me to it. These features and tools include:
Security suite. Prisma Cloud comes with a powerful suite of security features that allows me to keep my application development process and product safe from all manner of digital threats. It enables me to protect my code by weeding out potential vulnerabilities while it is still in the development stage, long before it is released into the world. I can also use its scanning capabilities to find issues as they spring up. Machine learning algorithms enable me to see behavior that deviates from the norm that I can then correct.
Unified management dashboard. I only need a single dashboard to administer and manage Prisma Cloud’s security suite. If I had a large team working with me, we would be able to collaborate using this interface. It simplifies the management process by enabling all of the security work to be done from a single location.
Integration suite. Prisma Cloud is highly flexible in that it enables me to utilize some of the most widely-used integrated development environment and software configuration management tools alongside it. If I am missing any critical development tools, Prisma Cloud makes it possible for me to go out and fill those holes without compromising on security.
Cloud-Native Application Protection Platform (CNAPP) is a cloud-native security model that combines Cloud Service Network Security (CSNS), Cloud Security Posture Management (CSPM), and Cloud Workload Protection Platform (CWPP) into one unified platform. The purpose of CNAPP is to replace multiple independent cloud security tools with a single security solution.
Multiple non-related solutions will inevitably have integration difficulties and visibility gaps. This causes DevSecOps teams to have more work as a result, and enterprise workload observability is decreased. Enterprises can solve these problems and enhance their overall security posture by utilizing a CNAPP.
It can be difficult to know what to add to the cloud-native application lifecycle in order to establish a decent level of security policy and enforcement. Utilizing a CNAPP in your environment will give you comprehensive coverage of every part of it, from proactive workload validation to auditing the policies on the public cloud platform you are using.
There are numerous security scanning, monitoring, and observability cloud-native tools. The capacity to contextualize data and provide end-to-end visibility throughout an enterprise's application architecture, however, distinguishes CNAPP from its competitors. A CNAPP solution, for instance, can set up alerts that represent the most risk to an organization thanks to its end-to-end visibility and precise detail on configurations, technology stacks, and identities.
One of the most frequent issues enterprises encounter is the incorrect configuration of cloud workloads, containers, or Kubernetes (K8s) clusters. CNAPP systems proactively scan for, identify, and swiftly address security and compliance problems brought on by misconfigurations.
A cloud-native application protection platform (CNAPP) is a solution that is designed to empower users to ensure that their cloud-based applications are secured at every stage of their development and production processes. They are complete solutions that are specifically built to safeguard the kinds of applications that more traditional application protection platforms cannot.
CNAPPs are invaluable because they provide security and DevOps teams with a comprehensive set of tools with which they can protect applications from any number of digital threats. They simplify the process of protecting cloud-hosted applications without sacrificing efficiency. Users of CNAPPs are provided with capabilities that overcome many of the shortcomings of legacy solutions.
Some of the capabilities that CNAPPs offer include:
Single pane of glass visibility and management. This single dashboard enables the various members of an organization’s security and DevOps to collaborate. They can see any and all threats that might arise and work together to resolve the issue before it has the opportunity to escalate. Every member of these teams is given the information that they need to make informed decisions.
Security guardrails. DevOps teams can use this feature to control the security of their development process at every level. Developers leverage this integration to organically include application security in whatever stage they are working on.
Security automation. Security teams have the ability to automate many of the basic but critical security-related tasks that can potentially be handled unreliably if the wrong person is assigned to them. The ability to automate those processes can increase the efficiency of an organization's security operations by removing the possibility of human error.
The capabilities that CNAPPs can offer organizations that develop or run cloud-based applications are what make them so important.
As more organizations shift to the cloud, securing those cloud environments has become a top priority. With cloud environments, companies are facing challenges, with more regulations, a higher rate of data loss, and an increase in the number of attacks.
To handle these challenges, organizations need to gain security and visibility for their software-as-a-service (SaaS), platform-as-a-service ...