* [Blog](https://www2.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/) * [Cloud Workload Protection Platform](https://www2.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/) * Using a Full Lifecycle Ap... # Using a Full Lifecycle Approach to Secure Cloud Native Applications [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2020%2F05%2Fcloud-secure-cloud-native-applications%2F) [](https://twitter.com/share?text=Using+a+Full+Lifecycle+Approach+to+Secure+Cloud+Native+Applications&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2020%2F05%2Fcloud-secure-cloud-native-applications%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2020%2F05%2Fcloud-secure-cloud-native-applications%2F&title=Using+a+Full+Lifecycle+Approach+to+Secure+Cloud+Native+Applications&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2020/05/cloud-secure-cloud-native-applications/&ts=markdown) \[\](mailto:?subject=Using a Full Lifecycle Approach to Secure Cloud Native Applications) Link copied By [Keith Mokris](https://www.paloaltonetworks.com/blog/author/keith-mokris/?ts=markdown "Posts by Keith Mokris") May 08, 2020 4 minutes [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown) [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown) [30 Days of Cloud](https://www.paloaltonetworks.com/blog/tag/30-days-of-cloud/?ts=markdown) [Gartner](https://www.paloaltonetworks.com/blog/tag/gartner/?ts=markdown) [trends](https://www.paloaltonetworks.com/blog/tag/trends/?ts=markdown) This post is also available in: [日本語 (Japanese)](https://www2.paloaltonetworks.com/blog/2020/05/cloud-secure-cloud-native-applications/?lang=ja "Switch to Japanese(日本語)") ![Prisma Cloud by Palo Alto Networks, lifecycle protection for cloud native applications. Describing the Gartner 2020 report on "Top Security and Risk Management Trends."](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/05/prisma_gartner-trends-2020_lp-1400x585-1.png) Security professionals are being deluged by a profusion of tools -- there seem to be point tools for nearly every single issue. Thankfully, there are platforms that smartly package these tools into more comprehensive solutions. The trend many are seeing now, though, is that these platforms have so far only focused on certain parts of the software development lifecycle. What many security teams need are simpler, full lifecycle approaches to secure cloud native applications. I want to highlight a trend of consolidating cloud security posture management (CSPM) and cloud workload protection platforms (CWPP) into the emerging area of cloud native application protection, which offer a full lifecycle approach and simplify security. In addition, I'll present subsequent recommendations stemming from the consolidation. Palo Alto Networks was recently listed by Gartner in "Top Security and Risk Management Trends" as one of three sample vendors converging [CWPP](https://start.paloaltonetworks.com/gartner-market-guide-cwpp.html) and CSPM capabilities across development and production, including container/serverless protection. ## **It Can Be Challenging to Secure Cloud Native Applications** Cloud native applications present tremendous challenges for security and risk professionals: ###### A larger number of entities to secure DevOps and infrastructure teams are leveraging microservices -- using a combination of containers, Kubernetes and serverless functions -- to run their cloud native applications. This growth is happening in conjunction with a constantly increasing cloud footprint. This combination leads to a larger number of entities to protect, both in production and across the application lifecycle. ###### Environments are constantly changing Public and private cloud environments are constantly changing due to the rapid-release cycles employed by today's development and DevOps teams. As enterprises deploy weekly or even daily, this presents a challenge for security personnel looking to gain control over these deployments without slowing down release velocity. ###### Architectures are diverse, spanning multi- and hybrid-cloud environments Enterprises are using a wide-ranging combination of public and private clouds, cloud services and application architectures. Security teams are responsible for addressing this entire infrastructure and how any gaps impact visibility and security. ## **The Need for Integrated Security Across the Application Lifecycle** In order to secure cloud native applications and cloud environments, security controls need to be addressed before deployment. This includes integrating vulnerability scanning and hardening checks into integrated developer environments (IDEs), security configuration management (SCM), continuous integration (CI) workflows and image registries to quickly pass feedback to the development teams and address security issues before deployments. Additionally, protecting cloud environments and running applications is a top requirement for modern enterprises. Security teams need to continuously monitor cloud configurations, while also protecting the VMs, containers and serverless applications running on top of that infrastructure. This is where a consolidated platform helps organizations scale their security efforts, both across the lifecycle and up and down the entire stack. ## **An Emerging Category: Cloud Native Application Protection Platforms** Recently, Gartner published "Top Security and Risk Management Trends," highlighting key themes and requirements for security and risk professionals. In the report, Gartner states: "As a result of the protection needs of cloud-native applications, the CWPP and CSPM market are rapidly converging into cloud-native application protection platforms. Support for scanning of containers and serverless functions in development is becoming a mandatory requirement for any CWPP. Runtime protection of containers and serverless functions is also becoming a requirement. CSPM across development and runtime is becoming a requirement." In the report, under Trend No. 8, we think Gartner includes recommendations for security and risk management (SRM) leaders looking to improve their cloud workload protection. Here are a few key recommendations that Palo Alto Networks has chosen to summarize: * Address the requirements of protecting cloud workloads, including server workload protection and [container security](https://www.paloaltonetworks.com/blog/2019/11/cloud-container-security/) capabilities. * Prioritize CSPM to ensure workloads are configured properly and extend CSPM into the development process. * Ensure your security provider is fully API-enabled for automation. * Consider a comprehensive cloud-native application protection platform that combines CWPP and CSPM, including capabilities for containers and [serverless](https://www.paloaltonetworks.com/blog/2020/03/cloud-securing-serverless/), in a single solution. ###### **We believe Palo Alto Networks is well-positioned to secure cloud native applications.** In November 2019, Palo Alto Networks announced that Prisma Cloud was [the industry's most complete Cloud Native Security Platform](https://www.paloaltonetworks.com/blog/2019/11/cloud-native-security-platform/), officially combining best-in-class capabilities from evident.io, RedLock, PureSec and Twistlock to address the needs that organizations have across CSPM and CWPP. And in the second half of 2020, Prisma Cloud will strengthen its capabilities, adding identity-based microsegmentation for applications running on any cloud, through the integration of the [recent acquisition of Aporeto](https://www.paloaltonetworks.com/company/press/2019/palo-alto-networks-completes-acquisition-of-aporeto). We're proud to be formally mentioned in this report, as we strongly feel our capabilities map directly to the suggested requirements for cloud native application protection. To learn more about Gartner's insights and recommendations for securing cloud native applications, [download "Top Security and Risk Management Trends" today](https://start.paloaltonetworks.com/cloud-native-application-protection.html). *** ** * ** *** ## Related Blogs ### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown) [#### Cloud Security 2021: 4 Key Trends You Shouldn't Miss](https://www2.paloaltonetworks.com/blog/2020/04/cloud-security-2021/) ### [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown) [#### What to Know About Cloud Infrastructure Entitlement Management (CIEM)](https://www2.paloaltonetworks.com/blog/2020/10/cloud-ciem/) ### [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown) [#### A Leader in the 2020 Gartner WAN Edge Infrastructure Magic Quadrant](https://www2.paloaltonetworks.com/blog/2020/09/2020-gartner-wan-edge-infrastructure-magic-quadrant/) ### [Secure the Future](https://www.paloaltonetworks.com/blog/category/secure-the-future/?ts=markdown) [#### XDR Listed as a Top Security and Risk Management Trend by Gartner](https://www2.paloaltonetworks.com/blog/2020/04/cortex-security-and-risk-management/) ### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown) [#### 3 Myths About Security in the Cloud](https://www2.paloaltonetworks.com/blog/2020/04/cloud-3-myths-about-security-in-the-cloud/) ### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown) [#### The Best Method to Secure the Cloud Starts Offline](https://www2.paloaltonetworks.com/blog/2020/03/cloud-secure-the-cloud/) ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language