New research reveals what practitioners believe is most important for cloud security technology. Credit: Metamorworks / Getty Images According to new research from ESG and the Information Systems Security Association (ISSA), 58% of organizations are consolidating or considering consolidating the number of security vendors they do business with.Security technology consolidation is bigger than simply winnowing down vendor count. Organizations are shifting from traditional best-of-breed security technologies to tightly integrated security technology platforms. The research illustrates this point: While 24% of respondents say their organization tends to continue to purchase best-of-breed security technologies, 38% say they purchase integrated security technology platforms, while 15% are transitioning purchases from best-of-breed products to security technology platforms (note: the remainder responded “don’t know”).Just what type of capabilities are security professionals looking for in integrated platforms? In my last post, I described the five things infosec pros most want from XDR. As part of our research, ESG and ISSA asked about other platforms as well. Following the pattern established in that earlier post, here are the 5 things security pros want from cloud-native application protection platforms (CNAPP): Accurate threat detection, 28%. “A high level of threat detection efficacy and accurate alerting.” Security pros want specific details on cloud-focused cyberattacks, likely presented in a timeline of events. It’s also probable that they want this information to align with the MITRE cloud matrix.Broad support, 28%. “Support for all types of server and compute platforms” (i.e., virtual machines, containers, serverless, bare metal, etc.). This aligns with the whole platform vibe—one suite that covers everything.Visibility capabilities, 23%. “A rich set of visibility capabilities from discovery of vulnerabilities to detecting anomalous activities” that bring traditional cloud security posture management (CSPM) functionality to broader CNAPP solutions with the overall goal to have one platform that covers cloud threats and vulnerabilities. Preventative controls, 21%. “Preventative controls for hardening and threat protection,” including basic guardrails, automated rules generation, and the ability to detect and remediate drift from secure configurations.Multi-cloud support, 21%. “Support for multiple public cloud infrastructure platforms and data center environments,” including central policy management and monitoring across AWS, Azure, Google, and other public and private clouds.CNAPP may be an evolving technology, but this list is pretty solid—security practitioners want one cloud security technology platform to cover monitoring and management across all aspects of threat and vulnerability management—the whole enchilada. My esteemed ESG colleague Melinda Marks is all over this space. The ESG/ISSA research report is available for free download here. More from me soon. Related content feature The biggest data breach fines, penalties, and settlements so far Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $4.4 billion and counting. By Shweta Sharma and Michael Hill Apr 26, 2024 16 mins Data Breach Security news New CISO appointments 2024 Keep up with news of CSO, CISO, and other senior security executive appointments. By CSO Staff Apr 26, 2024 14 mins CSO and CISO IT Jobs IT Governance news Top cybersecurity product news of the week New product and service announcements from Forcepoint, Ionix, Amplifier Secutiry and Torq. By CSO staff Apr 26, 2024 81 mins Generative AI Security feature Looking outside: How to protect against non-Windows network vulnerabilities Security administrators who work in Windows-based environments should heed the lessons inherent in recent vulnerability reports. By Susan Bradley Apr 25, 2024 7 mins Windows Security Network Security Security Practices PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe