New Cloud Security Tools To Know

There’s no doubt about it: A growing number of threat actors are becoming “cloud-conscious,” as CrowdStrike researchers put it in their 2023 Global Threat Report. Such attackers are both well-aware that cloud workloads can be compromised and are actively exploiting cloud-specific features using this knowledge, the researchers wrote. As evidence of the growing cloud security threat, CrowdStrike reported that cloud exploitation cases surged by 95 percent last year, compared to 2021. For cybercriminal and nation-state threat actors alike, there’s a clear move toward “adopting knowledge and tradecraft to increasingly exploit cloud environments,” the researchers wrote in the report, including AWS, Microsoft Azure and Google Cloud.

[Related: 10 Emerging Cybersecurity Threats And Hacker Tactics In 2023]

As a result, cloud security is becoming a leading priority for a greater number of partners, customers and vendors in 2023. In terms of vendors, within the cybersecurity industry, a number of fast-growing startups have been focused on offering cloud security tools from the get-go. Venture-backed companies that’ve been doing cloud security since their inception include Wiz — the top-valued cybersecurity unicorn at $10 billion — and Orca Security, which sports a valuation of $1.8 billion. Meanwhile, numerous major security industry players have expanded into the category over time, including cybersecurity giants such as Palo Alto Networks and CrowdStrike.

As for the cloud security market overall, Gartner disclosed last week that it is expected to remain the fastest-growing area of security and risk management spending in both 2023 and 2024. Cloud security spending for 2023 is on track to climb 25.2 percent to $5.61 billion, year-over-year, before growing another 24.7 percent in 2024 to reach $7 billion, the research firm reported. Adding in application security — a category that increasingly overlaps with cloud security as apps continue shifting to the cloud — contributes an additional $5.77 billion in spending this year and a forecasted $6.67 billion in spending for 2024, according to Gartner.

All About CNAPP

Among the notable trends in cloud security is the fact that a large portion of vendors are now aligning to the Gartner-coined concept of a CNAPP, or cloud-native application protection platform, according to Mark Wah, vice president and analyst at Gartner. The CNAPP concept involves bringing together numerous key capabilities in security for cloud environments and cloud-native applications into a unified platform — improving cloud threat prioritization and making it easier for security teams to manage the tools. Core CNAPP capabilities include a variety of acronyms: Cloud security posture management (CSPM), cloud workload protection (CWP), cloud infrastructure entitlements management (CIEM) and more.

The fact that so many cybersecurity vendors are on the path of building out a complete CNAPP has been helping to drive many of the new cloud security and application security product launches this year. For instance, one major recent development in the CNAPP space is the realization by many customers that the “previous positioning of agentless approaches to CSPM may not be sufficient to cover runtime,” Wah said. That has contributed to influencing vendors such as Wiz, which initially only provided periodic snapshot scanning, to expand to offer capabilities for real-time detection of cloud workload threats.

That’s just one among the broad array of new cloud security tools that’ve been unveiled by key industry vendors in 2023 for protecting the use of public cloud environments such as AWS, Azure and GCP. As part of CRN’s Cybersecurity Week 2023, we’ve collected details on 10 recently introduced cloud security products that’ve hit our radar — ranging from industry giants such as Microsoft down to startups such as Ermetic, which saw its $265 million acquisition by Tenable reach completion Monday.

What follows are 10 hot new cloud security tools to know in 2023.