CNAPP Security Model for Secure Apps

The cloud as a whole is here to stay. While the automation and agility delivered by the cloud introduce new risks, DevOps teams still maintain an outsized influence over the technology stack. Fixing security flaws at runtime is too costly and time-consuming. We need an approach that enables cloud application developers to find flaws earlier in the development life cycle, when vulnerabilities and misconfigurations are easier to fix. This is where CNAPP comes into the picture.

What is CNAPP?

Cloud-Native Application Protection Platform (CNAPP) is a term coined by Gartner for building secure cloud-native applications. CNAPP is a security model for cloud-native applications, and it emphasizes the importance of focusing on cloud-native security solutions. It also provides an end-to-end lifecycle approach to cloud application security rather than investing in individual point solutions.

Essentially, it refers to a platform that provides security, visibility and control from the first time an app is built, all the way through its operational life, wrapping it in APIs and tooling that emphasize automation and developer experience. It is a confluence of multiple technologies unified under a single UI. Using a single platform, applications can be protected at runtime, and security can be integrated into application development workflows to recognize and fix glitches in the early stages of the application life cycle.

CNAPPs consolidate many previously siloed capabilities, including development artifact scanning (including containers), Cloud Security Posture Management (CSPM), Infrastructure as Code (IaC) scanning, Cloud Infrastructure Entitlement Management (CIEM) and Cloud Workload Protection Platform. CNAPP follows the concepts and principles of DevSecOps, and its vision is to address cloud-native application risks as much as possible. This is done in the development and testing stages of the SDLC, before the applications are moved into production.

By shifting security left to development, businesses that enable CNAPPs will be able to lower the total cost of fixing vulnerabilities and help engineering teams deliver secure cloud-native applications faster. But perhaps more important than a competitive advantage, CNAPPs give you an advantage over the rise in data breaches, zero-day vulnerabilities and privacy violations that can erode customer trust and lead to bankruptcy.

It is important that organizations treat security as a critical part of digital transformations and cloud-native application development, and that's exactly what CNAPPs are designed to do. Comprehensive code-to-cloud security puts prevention first by leveraging real-time visibility and threat detection to stop attacks before they occur. Effective cloud security addresses the full continuum of needs from code, cloud, build and deploy to the runtime environment, giving you confidence to scale and the power of choice no matter where you are in your cloud transformation journey.


To feel secure, confident and empowered, organizations and their teams need a CNAPP that addresses the full continuum of needs from development to build to deployment to the runtime environment. Feel safe knowing your cloud is protected against sophisticated threats ahead of time. Feel confident your security teams can identify and fix critical risks. Feel empowered while staying secure from code to cloud.

Author Details

Sajin Somarajan

Sajin is a Solution Architect at Infosys Digital Experience. He architects microservices, UI/Mobile applications, and Enterprise cloud solutions. He helps deliver digital transformation programs for enterprises by leveraging cloud services, designing cloud-native applications and providing leadership, strategy, and technical consultation.
