Glossary term
CNAPP
Also: Cloud Native Application Protection Platform
Gartner platform category that combines CSPM, CWPP, CIEM, KSPM, DSPM and IaC scanning into one tool. Answer to tool fragmentation in cloud security stacks.
Gartner coined the term in 2021. Idea: a shared asset and policy model across all cloud security disciplines, from code (IaC scan, secret scan) to runtime monitoring.
Market leaders: Wiz, Palo Alto Prisma Cloud, CrowdStrike Falcon Cloud Security, Lacework (acquired by Fortinet in 2024), Sysdig, Orca Security. Microsoft Defender for Cloud positions itself as a CNAPP for Azure-first customers.
Selection criteria: agentless vs agent-based detection, multi-cloud depth, K8s maturity, data-security maturity, integration with existing SIEM/SOAR, EU data residency for compliance.
Related terms
CSPM
Software category for continuous review of cloud configurations against security benchmarks (CIS, NI…
CWPP
Software category for protecting cloud workloads (VMs, containers, serverless) at runtime. Combines …
SSPM
Software category for reviewing SaaS configurations (Microsoft 365, Salesforce, Google Workspace, Sl…
CASB
Security layer between users and SaaS providing visibility (shadow IT discovery), data protection (D…
Compliance mapping
The explicit link between a decision (vendor, architecture, control) and the specific regulatory art…
Confidential Computing
Hardware-based isolation that keeps data encrypted during processing (data-in-use). Complements encr…
Critical ICT Third-Party Provider (CTPP)
ICT third-party provider designated critical by the European Commission under DORA Art. 31, falling …
CVE
Global identifier for publicly known security vulnerabilities in software and hardware. Format CVE-Y…
