CNAPP concept is flawed
Do you have a fox watching your hen house?
The components of a Cloud Native Application Protection Platform (CNAPP) make sense. Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), and Cloud Detection and Response (CDR) all play their role. But having them come from the same vendor is flawed.
For the same reasons we have blue teams and red teams in cyber security, we need to separate the posture management/preventive control vendor from the attack detection/CDR vendor. Installing two layers of protection with unique perspectives ensures far more comprehensive coverage. Otherwise, a single vendor’s perspective of a threat will yield a specific set of configuration recommendations and an equivalent set of attack detections against those same misconfigurations. In other words, even if you follow a CNAPP vendor’s CSPM recommendations perfectly, you may miss something that the same vendor’s CDR capabilities will also miss.
From a security and “defense-in-depth” perspective, you are much better off separating the two. Otherwise, you’ve got the proverbial fox watching the hen house!
Stay tuned as we discuss this in detail in part 2 of The Concept of CNAPP is Flawed: Why Relying on a Single Vendor for Cloud Security is Risky!