市场调查报告书
商品编码
1184281
云端原生应用程序保护平台的全球市场规模、份额和行业趋势分析报告:按服务产品、云端类型、组织规模、行业和地区划分的展望和预测2022-2028Global Cloud-native Application Protection Platform Market Size, Share & Industry Trends Analysis Report By Offering, By Cloud Type, By Organization Size, By Vertical, By Regional Outlook and Forecast, 2022 - 2028 |
到 2028 年,云端原生应用程序保护平台 (CNAPP) 的全球市场规模预计将达到 212 亿美元,预测期内復合年增长率为 18.6%。
在公共云端中,变化发生得如此频繁,以至于安全团队需要在不拖慢整个企业发展速度的情况下管理安全性和合规性。 这需要在开发过程的早期发现安全缺陷和漏洞,快速修復它们,并始终提供可靠的安全保障。 不幸的是,在现代环境中存在如此多的相互依存关係,传统策略可能无法实现所有这些。
COVID-19 影响分析
自 COVID-19 以来,越来越多的公司开始为 Azure、AWS、阿里云端、谷歌云和 Kubernetes 等云端原生环境提供云端安全和合规态势监控。 此外,许多公司正在迁移到云端环境,为每个国家/地区不确定的封锁做准备。 这使得企业在自动化安全、管理和遵守定制策略的同时拥有高保真可见性和控制变得更加重要。 然而,自 COVID-19 爆发以来,云端采用率猛增,为云端原生应用程序保护平台 (CNAPP) 市场的需求铺平了道路。
市场增长因素
使用 BYOD 和远程工作的中小企业
使用基于云端的技术和 BYOD 概念的雇主允许员工远程工作,同时仍然连接到办公室网络。 随着公共云端解决方案和 BYOD 法规的盛行,企业正在逐渐转向云端部署范式。 企业正在迅速接受在家工作和 BYOD 计划。 远程就业可以改善健康状况并防止生产力下降。
越来越多地采用基于云端的解决方案
越来越多的行业正在使用基于云端的解决方案。 基于云端的解决方案支持开发新的机器学习和人工智能,促进更高效的工作。 传统的安全方法和解决方案旨在保护端点和本地数据中心,而不是云端原生应用程序和服务。 随着向云端技术的转移,安全团队面临着在开发过程的早期发现安全问题和漏洞、快速修復它们并提供可靠保护的挑战。
市场约束
缺乏构建和管理 CNAPP 的技术知识
安装和维护 CNAPP 解决方案需要技术专长和经验。 然而,近年来,一些公司僱用了没有必要培训和经验的保安人员。 根据《福布斯》2020 年的一项研究“云端人才干旱持续”,对高级云端和安全功能的需求比以往任何时候都多,但越来越需要经过认证的人才来支持这一转变,尤其是在非技术公司中。据说人力资源严重短缺。
发售展望
云端原生应用程序保护平台 (CNAPP) 市场根据其产品分为平台(无服务)和专业服务。 平台部分在 2021 年产生了最大的市场收入份额。 CNAPP 是一款一体化的云端原生软件,可以轻鬆监控、识别和响应所有云安全威胁和漏洞。 通过将多种工具和功能集成到一个软件解决方案中,CNAPP 降低了复杂性。 在从开发到生产的整个 CI/CD 应用程序生命週期中,CNAPP 提供端到端的云端和应用程序安全性。
云端型展望
根据云类型,云端原生应用程序保护平台 (CNAPP) 市场分为公共和混合。 混合动力细分市场在 2021 年市场中占据了很大的收入份额。 混合模式已经成为最流行的跨行业部署方式。 许多公司更加重视混合云端模型和製定战略以最大化收益,同时帮助实现业务运营、资源消耗、成本效率、用户体验和应用程序的现代化。
组织规模展望
根据组织规模,云端原生应用程序保护平台 (CNAPP) 市场分为大型企业和中小型企业。 2021年的市场份额将由大公司主导。 更大的公司越来越多地使用 CNAPP 平台和相关的专业服务。 与内部部署相比,大型企业开始更频繁地使用基于云端的解决方案。 随着 COVID-19 流行病增加了与使用基于云端的解决方案相关的风险,BYOD 和在家工作趋势正在被更快地采用。
行业展望
云端原生应用程序保护平台 (CNAPP) 市场按垂直细分为 BFSI、医疗保健、零售和电子商务、电信、IT 和 ITeS 等。 2021 年,零售和电子商务行业在市场中所占的收入份额保守。 这些电子商务平台和在线零售商使用各种支付方式来收集消费者的个人和私人信息,例如电子邮件地址、电话号码、信用卡信息以及快递送货时的完整地址。
区域展望
按地区划分,云端原生应用程序保护平台 (CNAPP) 市场分为北美、欧洲、亚太地区和 LAMEA。 北美将成为 2021 年收入份额最大的主要市场区域,预计在预测期内将继续这一趋势。 为了保持运营能力、业务连续性和防止错误配置,北美组织采取了多个步骤来采用云端,实施了数据加密、DLP、数据完整性监控、数据威胁防护和 CSPM 等云端数据保护。方法正在逐步采用.
The Global Cloud-native Application Protection Platform (CNAPP) Market size is expected to reach $21.2 billion by 2028, rising at a market growth of 18.6% CAGR during the forecast period.
In today's highly automated, dynamic public cloud settings, a cloud-native application protection platform (CNAPP) is a security and compliance solution that aids teams in developing, deploying, and operating secure cloud-native apps. Security teams may work more efficiently with developers and DevOps owing to CNAPPs. CSPM, IAM, CIEM, data protection, CWPP, and other features are consolidated under the umbrella of CNAPP, a new cloud security platform.
Traditional security methods, techniques, and tools were created to safeguard endpoints and on-premises data centers, not cloud-native applications and services. However, these techniques are inadequate given the move to cloud-native technologies, dynamic and transient settings, rapid release cycles, and contemporary development approaches (such as infrastructure as code [IaC], containers, CI/CD pipelines, serverless functions, and Kubernetes).
In the public cloud, changes happen often, and the security team must manage security and compliance-ideally without slowing down the whole enterprise. To do this, businesses must find security flaws and vulnerabilities early in the development process, move quickly to fix them, and provide constant, reliable security and assurance. Unfortunately, it may be pretty challenging to do all of that using a conventional strategy, given the many interdependencies in contemporary contexts.
COVID-19 Impact Analysis
Many companies provide cloud security and compliance posture monitoring for cloud-native environments such as Azure, AWS, Alibaba Cloud, Google Cloud, and Kubernetes after the covid-19 period. In addition, many enterprises have shifted to cloud environments to be ready for any uncertain lockdowns in their respective countries. Thus, it becomes more critical for companies to automate security, administration, and compliance with tailored policies while providing high-fidelity visibility and control. However, since the COVID-19 outbreak, there has been a boom in cloud adoption, paving the way for the demand for a cloud-native application protection platform (CNAPP) Market.
Market Growth Factors
SMES Using BYOD and Remote Work Alternatives
Employers that use cloud-based technology and the BYOD concept allow workers to work remotely while connected to the office network. Enterprises are gradually switching to the cloud deployment paradigm due to the rising popularity of public cloud solutions and BYOD regulations. Organizations are quickly embracing Work-from-home and BYOD initiatives. Remote employment promotes general health and helps businesses avoid productivity loss.
Adoption of Cloud-Based Solutions Growing
More and more verticals are using cloud-based solutions. Cloud-based solutions allow the development of new machine learning and artificial intelligence capabilities and facilitate more productive working. Traditional security methods and solutions were created to safeguard endpoints and on-premises data centers, not cloud-native applications and services. With the move to cloud technologies, security teams must be able to spot security problems and vulnerabilities early in the development process, move quickly to fix them, and provide reliable protection.
Market Restraining Factors
Inadequate Technical Knowledge to Build and Manage CNAPP
Technical expertise and experience are needed for CNAPP solution deployment and upkeep. Nevertheless, in recent years, businesses have started employing security executives without the necessary training and experience. Advanced cloud and security capabilities are more in demand than ever, but there is a severe shortage of certified, competent workers to support this shift, particularly in non-tech-related businesses, according to a Forbes study from 2020 titled The Cloud Talent Drought Continues.
Offering Outlook
Based on the offering, the Cloud-native Application Protection Platform (CNAPP) Market is divided into Platform (Without Services) and Professional Services. The Platform segment produced the largest market revenue share in 2021. A CNAPP is all-in-one cloud-native software that makes it easier to monitor, identify, and respond to any threats and vulnerabilities to cloud security. By integrating several tools and functionalities into a single software solution, CNAPP reduces complexity. Through the whole CI/CD application lifecycle, from development to production, CNAPP provides end-to-end cloud and application security.
Cloud Type Outlook
Based on Cloud Type, the Cloud-native Application Protection Platform (CNAPP) Market is segmented into Public and Hybrid. The hybrid segment acquired a significant revenue share in the market in 2021. The hybrid model has been the most popular implementation methodology across sectors. Many businesses are emphasizing more on creating hybrid cloud models and clever strategies to help improve business operations, resource consumption, cost efficiency, user experience, and application modernization while maximizing the benefits.
Organization Size Outlook
Based on the organization size, the Cloud-native Application Protection Platform (CNAPP) Market is classified into Large Enterprises and SMEs. Large enterprises accounted for the higher share of the market in 2021. Large businesses are using the CNAPP platform and associated professional services more and more. Large enterprises are starting to use cloud-based solutions more often than on-premises ones. The BYOD and work-from-home trends have been adopted more quickly due to the COVID-19 pandemic, which has raised the hazards associated with using cloud-based solutions.
Vertical Outlook
Based on vertical, the Cloud-native Application Protection Platform (CNAPP) market is classified into BFSI, Healthcare, Retail & eCommerce, Telecommunication, IT & ITeS, and Others. The retail & eCommerce segment accounted for the consiferable revenue share in the market during 2021. Different payment methods are used by these E-commerce platforms and online retail outlets to gather consumers' personal and private information, such as email addresses, phone numbers, credit card information, and complete addresses in the event of home deliveries.
Regional Outlook
Based on region, the Cloud-native Application Protection Platform (CNAPP) Market is segmented into North America, Europe, Asia Pacific, and LAMEA. North America emerged as the leading region in the market with the largest revenue share in 2021 and is expected to continue this trend over the forecast period. To sustain operational functionality, and business continuity, and prevent misconfiguration, North American organizations have taken multiple steps forward into cloud adoption and are progressively adopting cloud data protection methods like data encryption, DLP, data integrity monitoring, data threat protection, and CSPM.
The market research report covers the analysis of key stake holders of the market. Key companies profiled in the report include Trend Micro, Inc., Check Point Software Technologies Ltd., Palo Alto Networks, Inc., Crowdstrike Holdings, Inc., Fortinet, Inc., Forcepoint LLC (Francisco Partners), Aqua Security Software Ltd., Radware Ltd., Zscaler, Inc., Sophos Group PLC (Thoma Bravo)
Recent Strategies Deployed in Cloud-native Application Protection Platform (CNAPP) Market
Partnerships, Collaborations and Agreements:
Dec-2022: Palo Alto Networks has extended its partnership with Google Cloud to bring its Prisma Access platform with BeyondCorp Enterprise of Google. This will help organizations to get benefited from the performance scale, reliability of Google Cloud, and security expertise of Palo Alto Networks. This will provide seamless Zero Trust Security for today's workforce.
Oct-2022: CrowdStrike extended its partnership with Ernst & Young, a company engaged in providing cyber risk consulting services, for offering Cloud Security and Observability Services, powered by the CrowdStrike Falcon platform, internationally. The expansion can provide joint customers the ability to safeguard their cloud workloads while also giving them real-time insight to identify and analyze problems in their infrastructure environments, with the help of CrowdStrike Cloud Security and CrowdStrike Falcon LogScale.
Sep-2022: Palo Alto Networks announced its collaboration with Wipro, a provider of information technology, consulting, and business process services. The collaboration aims to provide network transformation and managed security solutions. The combination of Wipro's offerings with Palo Alto Networks Next-Generation Security Platform would protect critical data assets by delivering comprehensive and easy-to-manage security solutions.
Jul-2022: Aqua Security partnered with CMD Solutions, a cloud technology solutions provider. The partnership aims at supporting clients in securing their cloud-native applications on AWS. Additionally, the partnership benefits CMD's clients.
Jun-2022: Zscaler extended its collaboration with Amazon Web Services for offering a unified solution to customers for simplifying and consolidating cloud security operations together with helping enterprises in advancing their security architecture from ineffective legacy models to a modern Zero Trust approach created for the cloud.
Mar-2022: Radware extended its partnership with Presidio, Inc., a provider of digital services and solutions. Presidio added Radware's application, DDoS protection, bot manager, API Security solutions, and Cloud Native Protector for its cyber security suite, to protect its hybrid, on premise, and cloud environments' customers.
Jul-2021: Trend Micro teamed up with Microsoft to create cloud-based cyber security solutions on Microsoft Azure and generate co-selling opportunities. Furthermore, the collaboration helps the joint customers in digital transformations by utilizing both Trend Micro's security expertise and Azure's cloud computing platform.
Product Launches and Expansions:
Jul-2022: CrowdStrike extended CNAPP capabilities for helping developers and securing containers. The enhancements to CrowdStrike Cloud Security broaden support for Amazon Elastic Container Service (ECS) within AWS Fargate, enable Software Composition Analysis (SCA) for open source software, and expand image registry scanning for eight new container registries. CrowdStrike customers can identify any vulnerabilities, stores secrets before they are deployed, and embedded malware, by shifting left and proactively assessing containers.
Jun-2022: Zscaler unveiled Posture Control Solution created for providing enterprises with unified Cloud-Native Application Protection Platform (CNAPP) functionality customized to secure cloud workloads. The posture control solution has been integrated with Zscaler Zero Trust Exchange and allows security and DevOps teams to prioritize and remediate risks effectively in cloud-native applications earlier in the development cycle.
Apr-2022: CrowdStrike launched adversary-focused Cloud Native Application Protection Platform (CNAPP) capabilities for expediting threat hunting for cloud environments and workloads and decreasing the mean time of responding. These capabilities combine CrowdStrike's Falcon Cloud Workload Protection (CWP) and Falcon Horizon (Cloud Security Posture Management or CSPM) modules through a common activity dashboard for helping DevOps and security teams to prioritize cloud security problems and addressing runtime threats, enabling cloud threat hunting. Moreover, the updates comprise new ways of using Falcon Fusion (CrowdStrike's SOAR framework) for automating remediations for Amazon Web Services (AWS), brand-new custom Indicators of Misconfigurations (IOMs) for Google Cloud Platform (GCP), brand-new methods to guard against identity-based threats for Microsoft Azure, and more.
Apr-2022: Sophos launched Sophos Cloud Workload Protection, comprising container security and Linux host capabilities. These enhancements advanced the detection and response of in-progress attacks and security incidents within Linux operating systems, improving security operations, and bolstering application performance.
Mar-2022: Forcepoint announced the launch of Forcepoint ONE, an all-in-one cloud-native security platform. This platform enables users to get regulated and protected access to company information in the cloud, on the web, and in the apps, for simplifying security for traditional and remote workforces.
Jul-2021: Aqua Security unveiled the new Aqua Platform. The new platform comes with a unified console, brings down the administrative burden, and features certified RedHat OpenShift operators, and Google Cloud scanning for sensitive data and vulnerability.
Jun-2021: Check Point Software announced the launch of CloudGuard Workload Protection for extending the capabilities of its unified Cloud Native Security Platform, for providing application-first workload protection. This solution helps security teams in automating security throughout applications, microservices, and Application Programming Interfaces (APIs) from development to runtime through a single interface. This solution enables the company to automate and improve its overall cloud security posture.
Feb-2021: Check Point Software launched CloudGuard Application Security (AppSec), a fully automated web application and API protection solution, to extend the capabilities of its unified CloudGuard Cloud Native Security Platform. This solution helps enterprises in securing their cloud-native applications from both zero-day and known attacks. Moreover, this solution eliminated the requirement for manual tuning and a high rate of false-positive alerts in connection with legacy Web Application Firewalls, utilizing contextual AI for preventing attacks from impacting cloud applications and allowing enterprises in taking complete advantage of cloud agility and speed.
Acquisitions and Mergers:
Feb-2022: Check Point Software took over Spectral, a startup, and innovator in developer-first security tools designed by developers for developers. Following this acquisition, the company aims to support the cloud developers' community as well as fulfill its commitment to providing cloud security automation, trust, and usability across any cloud to every enterprise. Additionally, the integration of Spectral's best-in-class security tools for developers with Check Point's threat intelligence tools and deep cloud security capabilities enables enterprises to shift-left security with tool developers and security teams trust.
Oct-2021: Forecpoint announced the acquisition of Bitglass, an information technology company that helps enterprises move to SaaS-based and mobile deployments securely. Bitglass' SSE platform is a perfect complement to Forcepoint's data-first SASE architecture and would advance the former company's efforts of making advanced data security and threat protection technologies easy for enterprises to use and deploy. The acquisition accelerated Forcepoint's capability of addressing customers' different needs for allowing hybrid workforces to access and utilizes information anywhere safely.
Jul-2021: Sophos took over Capsule8, a pioneer in Linux detection and protection. With the help of Capsule8, Sophos Partners can target additional customers who want low-impact, high-performance, and Linux offerings. Moreover, it unlocked more opportunities for attracting organizations that want best-in-class security from a single vendor throughout all their operating systems.
Geographical Expansions:
Sep-2022: Radware established a new cloud security center in UAE, Dubai. This center aims to decrease latency for in-region traffic and deliver faster mitigation response times from web application attacks, denial-of-service attacks, attacks on APIs, and malicious bot traffic, to customers. Additionally, it would mitigate compliance processes involved in offshore routing.
Sep-2022: Radware opened a cloud security center in Italy, Milan. The center protects customers from OWASP Top 21 Automated Threats to Web Applications, OWASP Top 10 Web Application Security Risks for 2021, volumetric distributed denial-of-service (DDoS), application-level DDoS attacks, and OWASP API Security Top 10.
Jul-2022: Aqua Security expanded its global footprint by launching the Aqua platform in Europe. The launch allows customers in European Union to take advantage of the SaaS service-based platform, while at the same time adhering to data privacy and residency requirements. Moreover, the geographical expansion aligns with Aqua's commitment to serving regional demands and requirements.
Market Segments covered in the Report:
By Offering
By Cloud Type
By Organization Size
By Vertical
By Geography
Companies Profiled
Unique Offerings from KBV Research
List of Figures