All news with #cnapp tag

Debunking Common Cloud Security Misconceptions Today

🔒 In a December 8, 2025 Fortinet post, Ali Bidabadi and Carl Windsor dispel persistent myths about cloud security and emphasize the shared responsibility model. They warn that simple misconfigurations — not sophisticated attacks — often cause large exposures and that cloud-native controls alone leave gaps. The authors recommend adopting CNAPP, third-party NGFW and WAF solutions, and continuous visibility to reduce risk across multi-cloud and hybrid environments.

Securing the AI Frontier: GSA OneGov Accelerates Secure AI

🔒 Palo Alto Networks explains why the GSA OneGov agreement matters for federal AI adoption and cybersecurity. Author Eric Trexler cites Unit 42 research showing new risks—particularly AI Agent Smuggling via indirect prompt injection and agent session smuggling—and argues AI must be defended as an attack surface. The post highlights platform protections including Prisma AIRS, FedRAMP High CNAPP, and Prisma SASE to secure AI workloads, edge users, and data. It positions OneGov as a procurement shortcut for agencies to deploy AI securely and notes promotional offers through 31 January 2028.

Choosing the Best Cloud Security Posture Management Tools

🔒 Cloud security posture management (CSPM) combines threat intelligence, continuous detection, and automated remediation to find and fix cloud misconfigurations that can expose data. Customers—not cloud providers—are responsible for configuring and protecting workloads, so organizations must select CSPM that delivers multicloud visibility, integrated data security, and policy-driven automated remediation. Modern offerings increasingly fold CSPM into broader CNAPP and SSE suites from vendors such as Wiz, Palo Alto Networks, Tenable, and CrowdStrike, making coverage, integration, and operational model critical factors in vendor selection.

IDC: Major Shift in Cloud Security Investment Trends

🔍 IDC’s latest research finds organizations averaged nine cloud security incidents in 2024, with 89% reporting year-over-year increases. The study identifies CNAPP as a top-three investment for 2025, rising CISO ownership of cloud security, and persistent tool sprawl that increases cost and risk. It also documents practical uses of generative AI for detection and response and a move toward integrated, autonomous SecOps platforms. Microsoft positions its integrated CNAPP and AI-driven threat intelligence as a way to unify protection across the application lifecycle.

FortiCNAPP Named Leader in Three KuppingerCole Categories

🚀 FortiCNAPP has been named a Leader in three categories in the 2025 KuppingerCole Compass for CNAPP: Overall Leadership, Market Leadership, and Innovation Leadership. The recognition emphasizes FortiCNAPP’s ability to reduce tool sprawl, improve visibility into cloud risk, and accelerate remediation. Customers cite rapid, intuitive deployment, agentless scanning, AI-driven analytics, and tight integration with the Fortinet Security Fabric as key benefits.

Runtime Visibility Reshapes Cloud-Native Security in 2025

🛡️ The shift to containers, Kubernetes, and serverless has made runtime visibility the new center of gravity for cloud-native security. CNAPPs that consolidate detection, posture, and response are essential, but observing active workloads distinguishes theoretical risk from live exposure. AI-driven correlation and automated triage reduce false positives and accelerate remediation. Vendors such as Sysdig stress mapping findings back to ownership and source code to drive accountable fixes.

Fortinet at Black Hat USA 2025: Innovation & Community

🔒 Fortinet played a central role at Black Hat USA 2025, engaging thousands of attendees through demos, theater sessions, and partner presentations. At Booth #2446 and the Security Fabric Theater, Fortinet highlighted integrated capabilities across secure networking, SOC transformation, endpoint protection, and CNAPP, and showcased research on adversarial AI. The program extended into DEF CON 33, reinforcing the urgency of attack surface management and rapid threat detection.

Closing Common Cloud Security Gaps with FortiCNAPP Platform

🔒 FortiCNAPP unifies cloud security across posture, workload runtime, control plane, and application layers to address common gaps that expose cloud-native applications. The platform delivers continuous asset discovery and inventory mapping, built-in CSPM with compliance mappings, runtime workload protection, and CDR that correlates host telemetry with cloud audit logs via composite alerts. Integrated FortiWeb WAF/API protections and CI/CD scanning enable a shift-left workflow so developers and security teams can detect and remediate risks earlier without slowing delivery.