{"id":3973,"date":"2024-07-17T21:00:53","date_gmt":"2024-07-17T15:30:53","guid":{"rendered":"https:\/\/cloudwithease.com\/?p=3973"},"modified":"2024-07-17T21:00:56","modified_gmt":"2024-07-17T15:30:56","slug":"cloud-native-application-platform-cnapp","status":"publish","type":"post","link":"https:\/\/cloudwithease.com\/cloud-native-application-platform-cnapp\/","title":{"rendered":"CNAPP: Cloud Native Application Protection Platform"},"content":{"rendered":"\n<div class=\"wp-block-rank-math-toc-block has-background\" style=\"background-color:#e1f4f8\" id=\"rank-math-toc\"><h2>Table of Contents<\/h2><nav><ul><li><a href=\"#what-is-cloud-native-application-protection-platform-cnapp\">What is Cloud Native Application Protection Platform (CNAPP)\u00a0<\/a><\/li><li><a href=\"#why-do-we-need-cnapp\">Why do we need CNAPP?<\/a><\/li><li><a href=\"#purpose-of-cnapp\">Purpose of CNAPP<\/a><\/li><li><a href=\"#key-components-of-cnapp\">Key Components of CNAPP<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n<p>In the fast-changing world and quick adoption of cloud computing forcing organizations to look at ways to protect cloud hosted applications. It is not just about availability, resilience, scalability, flexibility which is brought by this transformation in technology but it brought with us a greater responsibility towards cloud native application protection platform as well. The question arises now is how to protect and secure your cloud native applications?&nbsp;<\/p><div id=\"cloud-1705742988\" class=\"cloud-content cloud-entity-placement\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-1375203873676133\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block; text-align:center;\" data-ad-client=\"ca-pub-1375203873676133\" \ndata-ad-slot=\"8195412531\" \ndata-ad-layout=\"in-article\"\ndata-ad-format=\"fluid\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<p>In today\u2019s topic we will learn about <a href=\"https:\/\/cloudwithease.com\/understanding-cloud-native-applications\/\" target=\"_blank\" rel=\"noreferrer noopener\">Cloud Native Application<\/a> Protection Platform(CNAPP), its purpose, problems it can address, its key components, why do we need CNAPP? its architecture, features and capabilities.\u00a0\u00a0<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what-is-cloud-native-application-protection-platform-cnapp\"><strong>What is Cloud Native Application Protection Platform (CNAPP)\u00a0<\/strong><\/h2>\n\n\n\n<p>It is a cumulative set of security and compliance capabilities designed to help in securing and protecting cloud native applications across production and development as stated by Gartner. This term is coined by Gartner who recognized the need of securing applications in the cloud ecosystem. CNAPP solutions aim to address configuration and workload security by application scans in runtime. CNAPP is a culmination to automate workload and environment security both. The purpose of CNAPP is to unify and orchestrate 3<sup>rd<\/sup> party solutions and architectures to enforce application behaviour in line with developer\u2019s intent.\u00a0<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"800\" height=\"454\" data-id=\"3975\" data-src=\"https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP-1.jpg\" alt=\"How CNAPP works\" class=\"wp-image-3975 lazyload\" data-srcset=\"https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP-1.jpg 800w, https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP-1-300x170.jpg 300w, https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP-1-768x436.jpg 768w, https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP-1-600x341.jpg 600w\" data-sizes=\"(max-width: 800px) 100vw, 800px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 800px; --smush-placeholder-aspect-ratio: 800\/454;\" \/><\/figure>\n<\/figure>\n\n\n\n<p>Cloud Native Platform is combination of Cloud Native, security tools such as code analysis, workload protection and cloud posture management, data sources both logs and telemetry, coding practices such as CI\/CD pipeline etc. it is convergence of multiple technologies having combined the existing cloud security solutions \u2013 Cloud security posture management (CSPM), cloud workload protection (CWP), Cloud infrastructure entitlement management (CIEM), Kubernetes security posture management (KSPM), API protection, microservices, code repository integration etc.\u00a0<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"why-do-we-need-cnapp\"><strong>Why do we need CNAPP?<\/strong><\/h2>\n\n\n\n<p>The shift towards cloud has brought a wide range of new security requirements. Cloud complexity and unpredictable interactions have risen due to the rise of dynamic and ephemeral environments within the cloud. Traditional security approach not able to provide the required coverage to keep up with containerized and ephemeral, <a href=\"https:\/\/cloudwithease.com\/serverless-vs-microservices\/\" target=\"_blank\" rel=\"noreferrer noopener\">serverless environments<\/a>. <\/p>\n\n\n\n<p>Apart from this the second element is the \u2018Application protection\u2019. Earlier focus was more on protection of infrastructure but in cloud the question is \u2018How secure is my application?\u2019. There are many ways in which cloud hosted application risks exposure by excessive permissive access rights, unintentional public exposure and more.\u00a0<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"purpose-of-cnapp\"><strong>Purpose of CNAPP<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Comprehensive protection of application starting from development to runtime<\/li>\n\n\n\n<li>Real time threat mitigation with continuous monitoring and threat detection\u00a0<\/li>\n\n\n\n<li>Containerization of application security to ensure container images do not carry any vulnerabilities<\/li>\n\n\n\n<li>Microservices communication protection via authentication and encryption<\/li>\n\n\n\n<li>Complete security of API, guards against injection and data leak attacks<\/li>\n\n\n\n<li>Audit and reporting capabilities to adhere to compliance requirements<\/li>\n\n\n\n<li>Protection against access risks with <a href=\"https:\/\/docs.aws.amazon.com\/IAM\/latest\/UserGuide\/introduction.html\" target=\"_blank\" rel=\"noreferrer noopener\">IAM<\/a> controls implementation\u00a0<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-2 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"800\" height=\"454\" data-id=\"3976\" data-src=\"https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP.jpg\" alt=\"\" class=\"wp-image-3976 lazyload\" data-srcset=\"https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP.jpg 800w, https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP-300x170.jpg 300w, https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP-768x436.jpg 768w, https:\/\/cloudwithease.com\/wp-content\/uploads\/2024\/07\/Cloud-Native-Application-Protection-Platform-CNAPP-600x341.jpg 600w\" data-sizes=\"(max-width: 800px) 100vw, 800px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 800px; --smush-placeholder-aspect-ratio: 800\/454;\" \/><\/figure>\n<\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"key-components-of-cnapp\"><strong>Key Components of CNAPP<\/strong><\/h2>\n\n\n\n<p>CNAPP combines several security solutions into a comprehensive bundle of solution as under:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud security posture management (CSPM) is used for monitoring, identification, and remediation of misconfigurations in cloud posture of cloud resources, tracking compliance to different controls and frameworks such as CIS, GDPR, NIST etc.\u00a0<\/li>\n\n\n\n<li>Cloud Infrastructure Entitlement Management (CIEM) manages permissions and rights\u00a0<\/li>\n\n\n\n<li>Cloud workload protection (CWP) is used to identify and alert security threats. It detects and prevents suspicious behaviour in containers at runtime. Protects Linux hosts or VM based workloads by reduction in vulnerability surface with restrictive configurations. Vulnerability detection in container images\u00a0<\/li>\n\n\n\n<li>Kubernetes Security Posture Management (KSPM) is used to secure Kubernetes containers. Enforces kubernetes native network policies \u2013 segmentation, network traffic visualization etc. validate container compliance to ensure file integrity monitoring.\u00a0<\/li>\n\n\n\n<li>Infrastructure as Code Security Scanning (IaC) is used to scan and identify misconfigurations in code during its development and testing.\u00a0<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>In the fast-changing world and quick adoption of cloud computing forcing organizations to look at ways to protect cloud hosted &#8230; <a title=\"CNAPP: Cloud Native Application Protection Platform\" class=\"read-more\" href=\"https:\/\/cloudwithease.com\/cloud-native-application-platform-cnapp\/\" aria-label=\"Read more about CNAPP: Cloud Native Application Protection Platform\">Read more<\/a><\/p>\n","protected":false},"author":3,"featured_media":3976,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","footnotes":""},"categories":[45,38],"tags":[61],"class_list":["post-3973","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tools-services","category-cloud-technologies","tag-toolsservices","pmpro-has-access"],"_links":{"self":[{"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/posts\/3973","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/comments?post=3973"}],"version-history":[{"count":2,"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/posts\/3973\/revisions"}],"predecessor-version":[{"id":3977,"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/posts\/3973\/revisions\/3977"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/media\/3976"}],"wp:attachment":[{"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/media?parent=3973"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/categories?post=3973"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudwithease.com\/wp-json\/wp\/v2\/tags?post=3973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}