These capabilities are enabled by ingesting telemetry from the relevant attack surfaces into the Uptycs SQL-powered data lake for real-time and historical analysis. This platform approach—with a shared data and control plane—enables organizations to consolidate security tools as they increasingly adopt cloud-native application development and operations.
Gartner predicts that by 2025, 70% of organizations will consolidate the number of vendors securing the life cycle of cloud-native applications to a maximum of three vendors. Gartner offers this advice to security and risk management leaders pursuing a consolidation strategy: “Evaluate security platforms where they share data and control planes; leverage this consolidation to define common policies and reduce gaps and vulnerabilities between legacy silos.”
“Security organizations face fast-changing threats while struggling to hire and retain technical talent,” says Ganesh Pai, CEO and co-founder of Uptycs. “At the same time, organizations are accelerating digital transformation by adopting new cloud-native technologies and operations. Unlike other security vendors that take a portfolio approach—lightly integrating separately acquired products—Uptycs addresses these challenges by extending our SQL-powered analytics platform to cover key CNAPP use cases.”
The Uptycs solution normalizes telemetry into SQL tables at the point of collection, which enables real-time analysis and correlation as the data is streamed into the cloud. This normalization also allows for columnar compression and fast query times across petabytes of data.
Key CNAPP functionality—as defined by Gartner—in the Uptycs offering includes:
- Cloud workload protection platform (CWPP) covering the build, deploy, and runtime stages of the cloud-native application lifecycle. Capabilities include threat detection and response, workload vulnerability scanning, system integrity monitoring, compliance, and auditing. The Uptycs CWPP solution works for hosts, VMs, containers, microVMs, and serverless functions.
- Kubernetes security posture management (KSPM) that audits and enforces security policies and continuously monitors the orchestration layer for risks and vulnerabilities.
- Cloud security posture management (CSPM) to continuously monitor cloud service configurations for risks and compliance, and detect cloud-based threats.
- Cloud infrastructure entitlement management (CIEM) to identify risky identity policies and equip security teams to trim unnecessary entitlements.
According to Gartner: “Securing cloud-native applications offers enterprises the opportunity to redesign security approaches. Rather than treat development and runtime as separate problems—secured and scanned with a collection of separate tools—enterprises should treat security and compliance as a continuum across development and operations. They should look to consolidate tools into cloud-native application protection platforms where possible.”