According to new research from ESG and the Information Systems Security Association (ISSA), 58 per cent of organisations are consolidating or considering consolidating the number of security vendors they do business with.
Security technology consolidation is bigger than simply winnowing down vendor count, however. Organisations are shifting from traditional best-of-breed security technologies to tightly integrated security technology platforms.
The research illustrates this point: 24 per cent of respondents say their organisation tends to continue to purchase best-of-breed security technologies, 38 per cent say they purchase integrated security technology platforms, and 15 per cent are transitioning purchases from best-of-breed products to security technology platforms (note: the remainder responded “don’t know”).
Just what type of capabilities are security professionals looking for in integrated platforms? In my last post, I described the five things infosec pros most want from XDR.
As part of the research, ESG and ISSA asked about other platforms as well. Following the pattern established in that earlier post, here are the five things security pros want from cloud-native application protection platforms (CNAPP):
1 - Accurate threat detection (28 per cent): “A high level of threat detection efficacy and accurate alerting.” Security pros want specific details on cloud-focused cyberattacks, likely presented in a timeline of events. It’s also probable that they want this information to align with the MITRE cloud matrix.
2 - Broad support (28 per cent): “Support for all types of server and compute platforms” (i.e., virtual machines, containers, serverless, bare metal, etc.). This aligns with the whole platform vibe — one suite that covers everything.
3 - Visibility capabilities (23 per cent): “A rich set of visibility capabilities from discovery of vulnerabilities to detecting anomalous activities” that bring traditional cloud security posture management (CSPM) functionality to broader CNAPP solutions, with the overall goal of having one platform that covers cloud threats and vulnerabilities.
4 - Preventative controls (21 per cent): “Preventative controls for hardening and threat protection,” including basic guardrails, automated rules generation, and the ability to detect and remediate drift from secure configurations.
5 - Multi-cloud support (21 per cent): “Support for multiple public cloud infrastructure platforms and data center environments,” including central policy management and monitoring across Amazon Web Services, Microsoft Azure, Google Cloud, and other public and private clouds.
CNAPP may be an evolving technology, but this list is pretty solid — security practitioners want one cloud security technology platform to cover monitoring and management across all aspects of threat and vulnerability management — the whole enchilada.