According to Gartner, Cloud Security Posture Management (CSPM) tools are fundamental to cloud security.
Gartner states that "CSP concentrates on security assessment and compliance monitoring, primarily across the IaaS cloud stack". CSPM typically involves leveraging API integrations with one or more cloud providers in order to automatically discover cloud assets and their associated risks.
"Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement and mistakes. Security and risk management leaders should invest in cloud security posture management processes and tools to proactively identify and remediate these risks."
Cloud Workload Protection Platforms (CWPPs) are software platforms designed for monitoring and protecting cloud workloads. While such "workload-centric" solutions are usually agent-based, the focus should be on the workload – not the agent. An ideal CWPP would offer agentless and agent-based approaches to protecting workloads of different types in legacy datacentere, public-cloud and private-cloud environments – including workload-centric security protections for baremetal servers, orchestrated containers, serverless "functions" and virtual machines (VMs).
“The market for Cloud Workload Protection Platforms CWPPs is defined by workload-centric security protection solutions, which are typically agent-based. They address the unique requirements of server workload protection in modern hybrid data center architectures that span on-premises, physical, and virtual machines (VMs), and multiple public cloud infrastructure as a service (IaaS) environments. Ideally, they also support container-based application architectures.”
The need for Cloud Security Posture Management and Workload Protection
Security Teams struggle with information silos which create visibility gaps. Instead of compartmentalizing security processes and tools into cloud-centric versus workload-centric categories – instead of creating more information silos with one-off security tools – what Security Teams really need is a single solution which merges and correlates CSPM data with CWPP data in order to provide a consolidated management interface for clouds and workloads.
Features of Cloudvisory Security Platform (CSP)