Life is full of big choices: choosing between oat and almond milk at the coffee shop, deciding if it is finally time to replace the kitchen sponge, and of course, selecting a good cloud-native application protection platform (CNAPP) for your business.
CNAPPs are security solutions that protect cloud applications throughout their entire life cycle. Wiz VP of Product Marketing Jiong Liu told IT Brew that the “broad acronym,” coined by Gartner, involves everything that has to do with protecting innovation occurring in the cloud.
“When we think about CNAPP, it really is those three key legs of the stool: proactive security, preventive security, and reactive security,” Liu said.
IT Brew caught up with several cloud computing experts to discuss what companies should consider when vetting out a CNAPP solution.
Buyer’s guide. Aaron Rose, security architect manager at Check Point Software, said there are many things to consider when shopping around for CNAPP solutions. For starters, ensuring that selected solutions have adequate integration capabilities for unified cloud security. It’s for this reason that Check Point and Wiz engaged in a strategic partnership to provide CNAPP solutions to enterprises earlier this year.
“Even if you have different solutions, maybe even from different companies, you’ve got to make sure that they’re integrated in some way [and] that they work together because cybersecurity can’t actually be effective in a silo,” Rose said.
Jason Rader, VP and CISO at Insight Enterprises, stressed the value of seeking out solutions with native integration functionality.
“A native integration means that they speak the same protocol language and they can basically work [alongside] each other, and that is definitely a point that we pay a lot of attention to,” Rader said.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Rose said companies should also make sure that the CNAPP solutions they have their eyes on are able to secure everything they need, especially if they operate in a multi-cloud environment.
“Ideally, you don’t have a different CNAPP solution for each cloud,” Rose said. “That isn’t really scalable.”
Hyperscaler offerings. Rose said cloud providers often claim to offer CNAPP capabilities to some degree. However, he warned these tools can come off as “builder grade” because their speciality isn’t cybersecurity.
“It’s like when you’re building a house and you have the option [of using] the builder grade, generic stuff. Does it accomplish what you needed to do? At a very base level, yes,” Rose said. “Is it the best solution possible for this? Not necessarily.”
However, Rader told IT Brew that Google’s $32 billion purchase of Wiz earlier this year may indicate otherwise.
“Now, a hyperscaler owns what I would consider the best platform,” Rader said.
Agentless vs. agent. During the search for a CNAPP platform, agent-based and agentless security solutions may catch your attention. Gil Geron, co-founder and CEO at Orca Security, said to avoid falling down rabbit hole discussions of which is better. Instead, he advises companies to focus on what they want their solution to accomplish.
“It’s almost like asking if you want air conditioning in your car or not…That’s not a question about the car,” Geron said. “The question about the car is how it drives, how comfortable I am in the car, [and] how efficient it is. These are the questions I’m asking.”