There is synergy in combining CWPP and CSPM capabilities, and multiple vendors are pursuing this strategy. The combination will create a new category of CNAPPs that scan workloads and configurations in development and protect workloads and configurations at runtime.
In this report, among its recommendations, Gartner is advising its clients to:
- Favor CWPP vendors who specialize in container orchestration monitoring and serverless functionality.*
- Require CWPP vendors to offer integrated cloud security posture management (CSPM) capabilities to identify risky configurations.*
- Proactively extend workload testing (especially with containers and serverless) into the CI/CD pipeline. CWPP offerings that focus on runtime protection only are missing the critical shift in how applications and the workloads that host them are being developed.*
Get the full Gartner report today!
* Gartner, “Market Guide for Cloud Workload Protection Platforms”, Neil MacDonald, Tom Croll, 14 April 2020.
1. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.
2. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.