What Is a Cloud Workload Protection Platform (CWPP)?

A Cloud Workload Protection Platform (CWPP), as defined by Gartner, is a “workload-centric security solution that targets the unique protection requirements” of workloads in modern enterprise environments. Workloads in modern environments have evolved to include physical servers, virtual machines (VMs), containers, and serverless workloads.

The cloud workload protection platform (CWPP) market is increasingly overlapping with the cloud security posture management (CSPM) market and shifting left into development to address the full life cycle of cloud-native application protection requirements.

Gartner recommendations:
Implement a CWPP offering that protects workloads regardless of location, size, runtime duration or application architecture.

  • Support for Windows, Linux, and Linux containers (with explicit support for Kubernetes), and support for serverless function scanning and runtime protection.
  • Licensing portability across on-premises and public cloud deployments.
  • Traditional per-workload/per-year licensing, with licensing options for usage-based consumption based on image size (for example, per minute).
  • Console as a service provided from the cloud for ease of deployment.
  • Software available and integrated in the cloud provider’s application store for ease of consumption.
  • Integrated CSPM/KSPM capabilities.
  • Anti-malware scanning capabilities, including the option to scan cloud object stores.
  • Coverage of the hierarchy of controls that are important to the enterprise. These controls include restricted operator access, change, and log management.
  • Operations and security hygiene controls are also present, such as vulnerability management, network visibility, system integrity, application control, exploit prevention, server/workload EDR, host-based IPS, and vulnerability shielding.
