Frost Radar：2025 年云端/应用程式运行时安全

Frost Radar: Cloud/Application Runtime Security, 2025

出版日期: 2025年05月23日 | 出版商:

Frost & Sullivan | 英文 29 Pages | 商品交期: 最快1-2个工作天内

价格

简介目录

基准化分析系统激励主要企业－创新推动新的交易流程和成长管道

云端原生应用的多层架构（包括容器、微服务和底层基础设施）使威胁侦测和事件回应变得复杂。攻击可以跨越这些层级，利用应用层级的 API 或未知漏洞，并横向穿过容器层进入云端基础架构。 SecOps 团队需要关联这些层级之间的事件，才能全面了解事件，这需要进阶关联功能以及来自不同来源的安全资料的统一视图。

儘管许多组织在云端和应用安全技术方面投入了大量资金，但这些静态扫描解决方案（包括云端安全态势管理、云端原生应用程式保护平台 (CNAPP)、传统应用程式安全测试和其他程式码扫描）不足以帮助 SecOps 团队应对云端环境中的威胁，导致他们束手无策。虽然 CNAPP 和 AppSec 工具能够透过静态扫描有效识别漏洞和错误配置，但它们对 SecOps 团队的价值有限，因为它们误报率过高，缺乏即时威胁检测，并且无法提供运行时可见性或适当的情境化。此外，传统的执行时间工具存在基于静态规则的侦测、可见度碎片化和营运效率低下的问题，导致 SecOps 团队难以应对动态云端环境中的高阶多层威胁。

云端/应用程式运行时安全解决方案主要包括云端侦测和回应、应用程式侦测和回应，透过云端威胁侦测和回应功能补充左移和右移，以提供即时洞察和主动防御。

Frost & Sullivan 会分析同一产业内大量的公司。它将根据领导力或其他卓越表现筛选出需要进一步分析的公司，并根据 10 项成长和创新标准对其进行基准测试，以揭示其在 Frost Radar™ 上的排名。它将在 Frost Radar™ 上呈现每家公司的竞争概况，探讨每家公司的优势以及最契合这些优势的商业机会。

The multilayered architecture of cloud-native applications, involving containers, microservices, and underlying infrastructure, complicates threat detection and incident response. Attacks can move across these layers, starting at the application level, exploiting API or unknown vulnerabilities, and moving laterally through the container layer to the cloud infrastructure. SecOps teams need to correlate events across these layers to understand the full scope of an incident, which demands advanced correlation capabilities and a unified view of security data from various sources.

Many organizations have invested heavily in cloud and application security technologies, but these static scanning solutions, such as cloud security posture management, cloud-native application protection platforms (CNAPP), and traditional application security testing and other code scanning, are insufficient for SecOps teams to handle threats in the cloud environment, leaving the teams in limbo. CNAPPs and AppSec tools, while effective at identifying vulnerabilities and misconfigurations through static scans, bring limited value to SecOps teams with excessive false positives, lack real-time threat detection, and fail to provide runtime visibility or adequate contextualization. Traditional runtime tools also suffer from static rule-based detection, fragmented visibility, and operational inefficiencies, leaving SecOps teams struggling to address sophisticated, multilayered threats in dynamic cloud environments.

Organizations are converging development and operations security practices, aiming for end-to-end protection and threat management from code to cloud and to the security operations center. cloud/application runtime security solutions, primarily cloud detection and response and application detection and response, complement shift-left with the shift-right through detection and response capabilities to cloud threats, providing real-time insights and active defense.

Frost & Sullivan analyzes numerous companies in an industry. Those selected for further analysis based on their leadership or other distinctions are benchmarked across 10 Growth and Innovation criteria to reveal their position on the Frost Radar™. The publication presents competitive profiles of each company on the Frost Radar™ considering their strengths and the opportunities that best fit those strengths.

Analyst: Anh Tien Vu