Security Above and Beyond CNAPPs

May 10, 2022 TH Author Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Compliance&Risks, Trend Micro Research : Cyber Threats, Trend Micro Research : Data center, Trend Micro Research : Exploits&Vulnerabilities, Trend Micro Research : Security Strategies, Trend Micro Research : Web

The cloud is driving transformative benefits for global organizations. But in rushing their applications and infrastructure into new computing environments, they’re also exposing business-critical data to new risks. There are now more ways for the bad guys to steal data, deploy malware, hijack resources, and hold them to ransom. The complexity of hybrid and multi-cloud environments and the need to coordinate across multiple stakeholder groups further compound these challenges.

The answer is a simple, flexible, unified security platform. But as industry analysts are already suggesting, organizations need to go beyond the confines of traditional Cloud-Native App Protection Platforms (CNAPPs) to include extended threat detection and response (XDR). This is where Trend Micro One is way ahead of the curve.

Why Cloud-Native Apps (CNAPP)?

No two organizations are the same. But one thing the cloud has done most is increase the complexity of their IT environments. Some 92% of enterprises have a multi-cloud strategy, while 80% are invested in hybrid cloud. That means most are running a blend of on-premises and cloud and multiple cloud providers. All of which need managing and securing in different ways. To add to this complexity, various groups—from cloud operations and cloud architects to DevOps and traditional security teams—all have their own competing objectives and requirements.

This is part of the reason why CNAPP is gaining traction—consolidating many of the most important features from siloed point products into one streamlined offering. The main capabilities are usually listed as artifact scanning, runtime protection, and cloud configuration. By delivering automated, powerful protection like this, organizations can overcome developers’ security knowledge gaps, accelerate time-to-value, reduce the security gaps that point products create, and drive a true DevSecOps culture.

Something for SecOps

This is what Trend Micro Cloud One was built for. It combines comprehensive protection of workloads, containers, serverless architectures, cloud storage, applications, open-source, and networks with cloud security posture management. And it delivers all of this from a single platform with a focus on API-powered flexibility and automation, designed to drive operational efficiencies and accelerated, streamlined compliance.

But crucially, Trend Micro Cloud One also offers security operations (SecOps) teams critical capabilities thanks to integration with our XDR and MDR product Vision One. This kind of detection and response feature is increasingly important to cloud builders, as no organization is 100% breach-proof today, even with all the advantages of CNAPP at their disposal.

It’s a fact recognized by Gartner, which predicted in a recent report that:

By 2023, more than half (50%) of organizations with cloud-native services will use cloud security platforms that are tightly integrated with SecOps products
Automation is essential to integrate SecOps, cloud security, and app security, providing high fidelity insight into risk, which can improve collaboration among different internal stakeholders.
Cloud security platforms are still in the early stages of incorporating SecOps, such as threat detection workbenches with MITRE ATT&CK alignment.

The bigger picture

Unlike many vendors, Trend Micro already offers all these capabilities from its Cloud One platform.

In fact, Vision One goes beyond the cloud to also take in critical threat intelligence from across email, networks, on-premises servers, and endpoints for maximum visibility and control. Integration with third-party SIEM and SOAR platforms adds more value for customers.

This opens a window onto our broader strategy to combine all of our enterprise-wide security capabilities into a single unified platform. The goal is to give customers everything they need to discover their attack surface, assess risk, and mitigate that risk while minimizing security overheads and enhancing resilience.

Fueled by industry-leading XDR capabilities, Trend Micro One is a unified cybersecurity platform that helps you see your full security picture and mitigate cyber risk with native sensors across endpoint, email, cloud, network, and IoT environments. To find out more, please visit: https://www.trendmicro.com/platform-one

You May Also Like

Electricity/Energy Cybersecurity: Trends & Survey Response

Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike Threats Analyst Threats Analyst

Industry 4.0: CNC Machine Security Risks Part 1