Skip to content
Vol. 1 · Ed. 2026
CyberGlossary
English
Entry № 217

CNAPP (Cloud-Native Application Protection)

Reviewed byCybersecurity entrepreneur & security researcher

What is CNAPP (Cloud-Native Application Protection)?

CNAPP (Cloud-Native Application Protection)An integrated security platform that combines CSPM, CWPP, CIEM, IaC scanning, and runtime detection to protect cloud-native applications from build to runtime.

CNAPP, a category defined by Gartner, consolidates capabilities previously sold separately: posture management for cloud accounts, workload protection for VMs and containers, entitlement analysis for IAM, infrastructure-as-code scanning, secret detection, and runtime threat detection. By correlating findings — for example, linking a vulnerable container, a public load balancer, an over-privileged role, and reachable sensitive data — CNAPPs prioritize true "attack paths" rather than long flat lists. Coverage spans development pipelines, registries, Kubernetes clusters, and live cloud accounts. CNAPP has become the dominant blueprint for enterprise cloud security architecture.

Examples

  1. 01

    Wiz, Prisma Cloud, Orca Security, and Lacework competing as flagship CNAPP suites.

  2. 02

    An attack-path graph showing internet-facing pod → CVE → IAM role with S3 admin access.

Frequently asked questions

What is CNAPP (Cloud-Native Application Protection)?

An integrated security platform that combines CSPM, CWPP, CIEM, IaC scanning, and runtime detection to protect cloud-native applications from build to runtime. It belongs to the Cloud Security category of cybersecurity.

What does CNAPP (Cloud-Native Application Protection) mean?

An integrated security platform that combines CSPM, CWPP, CIEM, IaC scanning, and runtime detection to protect cloud-native applications from build to runtime.

How do you defend against CNAPP (Cloud-Native Application Protection)?

Defences for CNAPP (Cloud-Native Application Protection) typically combine technical controls and operational practices, as detailed in the full definition above.

What are other names for CNAPP (Cloud-Native Application Protection)?

Common alternative names include: Cloud-native application protection platform.

Related terms

See also