GigaOm Radar for Cloud Security Posture Management
Published by Palo Alto Networks
Too often security teams struggle to make do with suboptimal, legacy, on-premises architectures. These architectures are filled with bolt-on security solutions that may perform well enough, but aren’t able to provide the depth of insight or degree of security that organizations require today.
While cloud security posture management (CSPM) solutions can’t provide proactive architectural guidance for engineering teams, they can provide invaluable insights into the chosen architecture, the services in use in the public cloud, the identities (users) managing the public cloud, and even the workloads running in the cloud.
CSPM offerings are typically cloud-native security solutions that leverage the numerous application programming interfaces (APIs) available through public cloud providers to collect data. The data gathered through these APIs is sorted and then analyzed in various ways to identify risks, such as misconfigurations and vulnerabilities. A CSPM solution’s ability to gather public cloud configuration data and workload events allows it to provide detailed visualizations of the cloud architecture. CSPM solutions also enable users to identify relationships among cloud services, workloads, and other various cloud assets.
CSPM solutions started as simple API monitoring and data visualization solutions meant to give security teams visibility into cloud infrastructure. However, these solutions quickly grew beyond that use case and now include identity and access management (IAM) and workload monitoring. And soon, they might include forms of application security like static application security testing (SAST) or source code analysis (SCA) as vendors attempt to build one-stop-shops for cloud security.
This GigaOm Radar report highlights key CSPM vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating CSPM Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.
Cloud Security, API Security, Cloud Access Security Broker (CASB), Cloud Compliance, Cloud Data Security, Cloud DDoS Mitigation, Cloud Edge Security, Cloud File Security, Cloud Security Posture Management (CSPM), Cloud Workload Protection, Extended Detection and Response (XDR), Secure Access Service Edge (SASE), Service Mesh