Chaos and Order

💡 왼쪽 원문을 읽으면서 오른쪽에 따라 써보세요. Tab 키로 힌트를 받을 수 있습니다.

원문 렌더가 준비되기 전까지 텍스트 가이드로 표시합니다.

> "Agentless scanning is no longer optional. Since 2024, CSPM has consolidated into 'CNAPP,' and the reason Google paid $32B for Wiz is simple — whoever puts every multi-cloud data point into a single graph defines security for the next decade." — Gartner Hype Cycle for Cloud Security, 2025

As of May 2026, the Cloud Security Posture Management (CSPM) market has been completely reshaped by a single event. In March 2024, Wiz rejected Google's first acquisition offer of $23B; one year later, in March 2025, Google came back and acquired Wiz for $32B. It is the largest acquisition in cloud security history and also the largest in Alphabet's history (previous record: $12.5B for Motorola Mobility in 2012).

Around the same time, Lacework was acquired by Fortinet for a reported $200M–$300M in May 2024 — a fire sale at roughly 95% below its $8.3B peak valuation. Orca Security is delaying its IPO to stay independent. Aqua Security and Sysdig are deeply rooted in container and runtime security. Prisma Cloud is Palo Alto's cash cow. Snyk leads the developer-friendly camp. Tenable has extended its vulnerability scanner into CSPM. And a brand-new category, DSPM (Data Security Posture Management) — Cyera, Varonis, BigID — is growing fast, scanning the data itself rather than the infrastructure.

This article maps the full 2026 landscape across CSPM, CNAPP, CWPP, CIEM, and DSPM, with each vendor's real strengths and pitfalls, plus Korean and Japanese case studies.

1. The 2026 CSPM Map — CNAPP / CWPP / CIEM / DSPM Four Categories

Gartner's acronyms confuse people, but the actual landscape divides cleanly into four boxes.

|---|---|---|---|

Until 2022, these four categories were separate product lines, but starting in 2023–2024 they were all collapsed into a single word: CNAPP. The reason is simple. Security teams can no longer afford silos like "VM vulnerabilities go to Product X, IAM permissions to Product Y, S3 data exposure to Product Z." Attackers move across silos in a single chain — S3 bucket leak, RDS credentials inside, IAM escalation, EC2 pivot, lateral workload movement. Defenders must therefore see everything in one graph.

The company that first nailed this graph model was Wiz, and the result is a $32B acquisition.

2. Wiz — Google's $32B Acquisition (March 2025) and Its Meaning

Wiz was founded in 2020 by Assaf Rappaport, Ami Luttwak, Yinon Costica, and Roy Reznik. All four were alumni of Israel's elite Unit 8200 cyber intelligence corps and the core engineering team of Adallom, a cloud security startup that Microsoft acquired. Within 18 months, Wiz crossed $1B ARR — earning the nickname "fastest-growing SaaS in history."

Two technical breakthroughs powered Wiz's rise.

First, **agentless snapshot scanning**. While previous CWPP products required agents installed on every EC2/VM, Wiz takes disk snapshots through cloud APIs and scans them in a sidecar environment. Enterprise security teams found it transformative: full vulnerability, secret, and IAM-key exposure visibility across every VM, with zero installation in production.

Second, the **Security Graph**. Wiz models every cloud resource (VM, container, S3, IAM role, secret, KMS key, data store) as a node and every relationship (attack path, trust, data flow) as an edge. Security teams can answer questions like "Which workloads are internet-facing, vulnerable, and bound to an admin IAM role?" with a single query. This graph model has become the de-facto CNAPP standard.

Wiz rejected Google's first $23B offer in March 2024 because (a) they were eyeing an IPO, (b) antitrust clearance was uncertain, and (c) they believed they could push the price higher. They were proven right. Twelve months later, in March 2025, Google offered $32B in cash — a 39% premium on the original offer.

$32B represents about 46x Wiz's 2024 ARR (~$700M) — more than double the typical SaaS acquisition multiple. Most analysts describe it as "the price of a security graph in the AGI era." Post-acquisition, Wiz pledged to maintain support for multi-cloud (AWS, Azure) outside Google Cloud — Google clearly intends to use Wiz as a wedge into AWS's 30%+ market share.

3. Lacework — Fortinet Acquisition (May 2024)

Lacework experienced the opposite fate of Wiz. Founded in 2015, it raised $1.3B in Series D in November 2021 at an $8.3B valuation — the hottest CSPM company at the time. But the 2022 macro downturn, slowing growth, and two large layoffs (about 20% each in May 2022 and August 2023) led to a Fortinet acquisition in May 2024. The reported price was $200M–$300M, roughly 95% below its peak.

Lacework's technical strength was **Polygraph**, a behavior-based detection engine. It baselined cloud API calls, container executions, and network flows using machine learning, then flagged anomalies. But (a) it relied heavily on agents, (b) its rule-based CSPM features were weak, and (c) its single-pane graph UX lagged Wiz.

Lacework's collapse left the security market with two lessons. First, **valuation tracks revenue growth**. Wiz grew ARR from $50M to $300M (6x), while Lacework stalled near $100M — the gap was reflected dollar-for-dollar in the acquisition prices. Second, **single-category products struggle in the CNAPP era**. Lacework was strong in CWPP/CDR (Cloud Detection and Response) but late to integrate CSPM/DSPM/CIEM. By the time it tried, Wiz had absorbed every category into one platform.

Fortinet is integrating Lacework as the core of FortiCNAPP and has promised an on-prem + cloud unified offering combining FortiGate (NGFW) with Lacework Polygraph by end of 2025. But market share remains far behind Wiz/Palo Alto, and the Lacework standalone product line is expected to be gradually absorbed into FortiCNAPP.

4. Orca Security — Israeli Unicorn on an IPO Track

Orca Security is another Israeli company (founded 2019 in Tel Aviv) in the CNAPP space, famous for its **SideScanning** patent. The model is nearly identical to Wiz's agentless snapshot approach, but Orca filed the patent first and sued Wiz over it; they settled in 2023.

Technically, Orca and Wiz compete head-to-head inside the same CNAPP category. The differences shake out as follows.

- Orca is **slightly cheaper per unit**. Per AWS/Azure/GCP workload pricing tends to be 15–20% below Wiz.

- Orca uses a **single side-scanner** for all clouds. Wiz has more sophisticated per-cloud scanning infrastructure but is also more complex to set up.

- Wiz's **Security Graph UX is significantly ahead**. Orca is alarm-catalog-centric, Wiz is graph-query-centric, leading to very different workflows.

- Enterprise sales is **dominated by Wiz**. Orca is stronger with mid-market and cloud-native startups.

Orca raised $550M in Series E in 2024 at a $1.8B valuation and reportedly targets a late-2025 IPO. After Google acquired Wiz, Orca can credibly claim the "leading independent CNAPP" position — and rumors persist that Wiz's would-be rivals (AWS, Microsoft, Oracle, Cloudflare) are eyeing Orca as a potential acquisition target.

5. Aqua Security — Original Container Security Vendor

Aqua Security, founded in 2015 in Israel, is the **original container and Kubernetes runtime security vendor**. It bundled Docker image scanning, Kubernetes admission control, runtime behavior protection, and secret auditing into a single integrated platform from day one. Aqua is also the maker of Trivy, the open-source image vulnerability scanner with over 20k GitHub stars.

Aqua's strength is **Kubernetes depth**. Its eBPF-based runtime behavior protection, Kubernetes RBAC analysis, and full-platform support (OpenShift, Anthos, EKS, AKS) are the most mature in the market. In the KSPM (Kubernetes Security Posture Management) sub-category, Aqua, Sysdig, and Red Hat ACS (StackRox) essentially split the market.

The weakness is **whole-cloud visibility**. Because Aqua started in containers, its CSPM coverage for the PaaS layer (S3 bucket misconfigs, RDS public exposure) is relatively weak. In 2024 Aqua acquired Argon Security (supply chain security) and strengthened AWS CloudTrail / Azure Activity Log integration, but most reviews place it below Wiz/Prisma on PaaS-layer CSPM.

Notable customers include PayPal, Samsung, Capital One, and Choice Hotels. Thanks to the Trivy open-source community, Aqua enjoys a strong bottom-up adoption path — many companies start with Trivy and upgrade to Aqua Enterprise.

6. Sysdig — The Creator of Falco, CSPM + CWPP

Sysdig was founded in 2013 by Loris Degioanni, whose earlier system-tracing tool became Sysdig OSS and the foundation of Falco. **Falco was donated to the CNCF in 2018 and is now the cloud-native runtime security standard**. Sysdig Secure is the enterprise version of Falco.

Sysdig's differentiator is **system-call-level visibility**. Using eBPF, it captures every container's syscalls and applies Falco rule sets to detect suspicious behavior (shell execution, privilege escalation, unexpected network connections) in real time. It is one of the few vendors that handles CSPM (misconfig scanning) and CWPP (runtime protection) in a single platform.

Sysdig grew to roughly $150M in revenue by 2022, launched Sysdig Secure for Cloud in 2023 to formally enter the multi-cloud CSPM market, and in 2024 coined a new category "CDR" (Cloud Detection and Response), marketing the "5/5/5 rule" (5 minutes to detect, 5 to investigate, 5 to respond).

The weakness is **agent dependency**. Compared to Wiz/Orca's agentless model, Sysdig requires installing the Sysdig Agent on every node — an operational overhead. Sysdig added agentless options in late 2024, but the core value proposition remains agent-based deep visibility.

Notable customers include Goldman Sachs, Beat, BigCommerce, and SAP Concur. Sysdig is strong in financial services, where the prevailing view is "you need an agent for real visibility."

7. Prisma Cloud (Palo Alto Networks) — Enterprise Integration

Prisma Cloud is the CNAPP product Palo Alto Networks built by acquiring four companies between 2018 and 2020: RedLock (CSPM), Twistlock (CWPP), PureSec (serverless security), and Bridgecrew (IaC scanning). **From the moment the term CNAPP was coined, Prisma Cloud was the only product covering every module**.

Its strength is **enterprise integration and synergy with network security**. Companies that already use Palo Alto's NGFW (Strata) and SASE (Prisma Access) naturally adopt Prisma Cloud. The breadth across CSPM, CWPP, CIEM, IaC scanning, API security, and data security — seven modules in one console — is the largest in the industry.

The weakness is **console UX integration**. Traces of the four acquired companies are still visible throughout the UI, and the "single-pane graph view across all security events" workflow that Wiz pioneered remains weak. Prisma Cloud 4.0 (codename "Darwin") launched in 2024 with a unified console and graph view, but most reviews still place it below Wiz's Security Graph.

Pricing is **most attractive when bundled with enterprise licensing**. Combined with NGFW, single-module prices often drop below 50% of list — this bundle is Prisma Cloud's strongest sales weapon. Standalone, however, it tends to lose price competition with Wiz/Orca.

Notable customers include NTT Data, Accenture, Equinix, and Wells Fargo. Prisma Cloud dominates global enterprise and government accounts.

8. Snyk Cloud — Developer-Friendly CNAPP

Snyk was founded in 2015 in London and is the flagship of the **developer-first security** category. It started with dependency vulnerability scanning (Snyk Open Source) for npm, Maven, and PyPI, then added IaC scanning (2020), container security (2022), and finally Snyk Cloud (CSPM, 2023).

Snyk's biggest strength is **developer workflow integration**. Security alerts and auto-fix suggestions appear directly inside GitHub PRs, GitLab MRs, and Bitbucket PRs. Its IDE plugins (VS Code, JetBrains) are the most mature in the industry. Snyk is optimized for the workflow where security teams author rules and engineering teams absorb them naturally.

The weakness is **runtime security depth**. Snyk Cloud is strong on cloud misconfig and IaC scanning but lags Wiz/Sysdig on eBPF runtime behavior detection and cloud graph modeling. In 2024 Snyk acquired Helios (cloud behavior analysis) and Probely (API scanning) to close the gap.

Pricing is **developer-seat-based**, making direct comparison with cloud-resource-based pricing (Wiz, Orca, Prisma) difficult. It is cheap for small dev teams but scales expensively with seat count in large engineering organizations.

Notable customers include Google, Salesforce, ASML, Atlassian, and Microsoft. Snyk thrives in developer-led cultures.

9. Tenable Cloud Security

Tenable, founded in 1998, is the **original Nessus vulnerability scanner**. After 25 years dominating on-premises vulnerability management (VM), Tenable extended to cloud/SaaS via Tenable.io, then acquired Ermetic for $265M in 2022 to add CIEM, packaging everything as Tenable Cloud Security under the CNAPP umbrella.

The strength is **depth of vulnerability data**. Tenable has accumulated CVE/CVSS data since the Nessus era, including regional vulnerability DBs from Korea's KISA and Japan's JPCERT. For customers who also use Tenable.ot (OT/IoT security) — manufacturers, energy companies, governments — single-vendor consolidation is a major draw.

The weakness is **cloud-native depth**. Container/Kubernetes/serverless security trails Aqua/Sysdig, and graph modeling lags far behind Wiz. That is why Tenable is rarely placed in CNAPP tier-1 in analyst rankings.

Pricing is **most attractive when bundled with on-premises**. Customers already using Nessus/Tenable.io get significant discounts on Cloud Security, and there is real value in a single security team operating one console across on-prem and cloud.

Notable customers include Boeing, NASA, the US Department of Defense, NTT in Japan, and LG CNS in Korea. Tenable is strong in traditional enterprises and government.

10. Datadog CSM / Defender for Cloud / Security Command Center / AWS Security Hub

These four products all fall into the "you already use our platform, use our security too" category.

**Datadog Cloud Security Management (CSM)** launched in 2022 as Datadog's security module. The pitch is "one Datadog Agent handles metrics, logs, traces, APM, RUM, and security all at once." It now covers CSPM (misconfigs), CWPP (runtime), and Application Security (IAST/RASP), expanding incrementally. The strength is **unification of operational and security data**. You can jump from an APM trace to a security event, and security teams share tooling with SREs. The weakness is the lack of a Wiz-class graph model, and standalone-security pricing tends to be expensive.

**Microsoft Defender for Cloud** uses a free tier + paid tier model built into Azure. Azure workloads see almost everything for free, while AWS and GCP coverage is paid and integrates with Microsoft Sentinel. The strength is **cheapest option for Azure users** and seamless integration with Microsoft 365 and Entra ID (formerly Azure AD). The weakness is shallower multi-cloud (AWS/GCP) coverage than Wiz, and a UX trapped inside the Azure Portal that frustrates dedicated security teams.

**Google Security Command Center (SCC)** is GCP's native security console. After Google's March 2025 Wiz acquisition, an integration roadmap between SCC and Wiz was announced, but as of 2026 they still operate as separate products. The industry consensus is that full Wiz integration into GCP-native flows will take another two to three years.

**AWS Security Hub** is a free meta-console that aggregates results from AWS-native services (GuardDuty, Inspector, Macie, Config, IAM Access Analyzer) into one view. The strength is being free/cheap, but it lacks a graph model and offers no multi-cloud support. Most companies use Security Hub as a first-tier aggregator and forward deep analysis to a third-party CNAPP like Wiz or Prisma.

11. CNAPP — Gartner's Classification vs. Market Reality

Gartner coined the term **CNAPP (Cloud Native Application Protection Platform)** in 2021. The definition: "a category that delivers CSPM, CWPP, CIEM, and other cloud-native security capabilities through a single, integrated platform."

As of May 2026, the Gartner Magic Quadrant for CNAPP (April 2025 edition) places vendors as follows:

- **Leaders**: Wiz, Palo Alto Prisma Cloud, Microsoft (Defender for Cloud), Orca Security

- **Challengers**: CrowdStrike Falcon Cloud Security, Trend Micro (Trend Vision One Cloud)

- **Visionaries**: Sysdig, Aqua Security, Lacework (Fortinet)

- **Niche Players**: Tenable, Check Point CloudGuard, SentinelOne (PingSafe acquired)

The trap with this ranking is assuming "Leader = best choice for me." Wiz dominates graph and agentless scanning but trails Sysdig/Aqua in container runtime depth. Prisma Cloud has unmatched module breadth but limited integration. Microsoft is unbeatable on Azure but average everywhere else.

The most common CNAPP adoption pitfall is **trusting the "one tool for everything" marketing**. In practice, most enterprises end up with a 2–3 tool stack: (a) CSPM + CIEM via Wiz/Prisma, (b) container runtime via Sysdig/Aqua, (c) DSPM via a dedicated product.

12. CIEM — Entitlement Management

CIEM (Cloud Infrastructure Entitlement Management) analyzes and enforces **least privilege** for cloud IAM permissions. AWS alone now exceeds 13,000 IAM actions, and when a company operates thousands of IAM roles, no human can manually track who can access what.

Core CIEM capabilities include:

- **Effective Permissions calculation**: evaluating SCP, identity-based, resource-based, permissions boundaries, and session policies together to compute what is actually possible

- **Unused Permissions detection**: automatically flagging permissions unused in the past 90 or 180 days

- **Right-sizing recommendations**: auto-generating least-privilege policies for over-permissioned roles

- **Privilege Escalation Path mapping**: graphing chains where Role A can elevate to Role B can elevate to Role C

Representative products include:

- **Wiz CIEM**: added via the 2022 Raftt acquisition, integrated into the Security Graph

- **Sonrai Security**: a CIEM-only vendor founded in 2017, with balanced AWS/Azure/GCP coverage

- **Permiso Security**: strong in insider threat detection (IDR)

- **CrowdStrike Falcon Identity Protection**: extending Identity Protection into CIEM

- **Permit.io**: more of an application authorization tool (OPA/Cedar/Casbin integration) than classic CIEM, but in the adjacent category

CIEM's primary use case is **AWS Organizations multi-account environments**. When a single company runs 50 to 500 AWS accounts, one-line IAM policy changes have impacts no human can trace — and CIEM graph simulation becomes nearly mandatory.

13. DSPM — Cyera / Varonis / BigID

DSPM (Data Security Posture Management), first defined by Gartner in 2023, is the new category that **"automatically finds, classifies, and risk-scores sensitive data wherever it lives in the cloud."** Where CSPM sees infrastructure (VMs, IAM, S3 bucket configs), DSPM sees the data inside it (PII, credit cards, medical records, trade secrets).

Representative products:

**Cyera** (founded 2021, Israel) — A tier-1 DSPM that raised $300M in Series D in 2025 at a $3B valuation. It scans cloud data stores (S3, BigQuery, Snowflake, Redshift, RDS, Cosmos DB, DynamoDB) without agents and classifies sensitivity (PII, PCI, PHI) using ML. Cyera was the undisputed leader before Wiz launched its DSPM module, and it remains preferred by multi-cloud enterprises that want to stay outside the Wiz orbit.

**Varonis** (founded 2005, IPO 2014) — Originally an on-premises file server data governance company (Active Directory, NetApp, EMC), Varonis extended into SaaS/cloud and is widely seen as the DSPM original. It has the deepest analytics for SaaS data (Microsoft 365, Salesforce, Box, Google Workspace). Its weakness is shallower coverage of cloud-native data stores (BigQuery, Snowflake) compared to Cyera.

**BigID** (founded 2016) — The strongest DSPM for privacy compliance (GDPR, CCPA, HIPAA, PIPEDA, Korea's PIPA, Japan's APPI). Specializes in data mapping, data subject request (DSR) handling, and privacy impact assessment (PIA) automation. Its strength is workflow compliance, not raw technical depth.

**Wiz DSPM** — Launched in 2023 as a built-in module. The decisive value proposition is "see infrastructure (CSPM), permissions (CIEM), and data (DSPM) in a single graph." It answers questions like "Which RDS instances hold PII and have internet-reachable IAM roles?" in a single query.

**Microsoft Purview** — A free/cheap DSPM option specialized for Microsoft 365 data. Multi-cloud depth lags Cyera/Wiz, but inside the Microsoft ecosystem it is unbeatable.

The biggest DSPM pitfall is **classification accuracy**. ML-based PII detection commonly produces false positives, which leads to alarm fatigue for security teams. When selecting a tool, you must validate classification accuracy on your actual data types (customer DB, healthcare, finance, sales) via PoC.

14. Korea / Japan — Toss, Kakao KSec, Mercari, NTT Security

Toss (Viva Republica) in Korea released a security engineering blog post in 2024 introducing TASS (Toss Account Security Scanner), an in-house CSPM tool. Built on AWS Config + custom rules + a proprietary graph model, TASS scans roughly 300 AWS accounts daily and uses a Slack bot to notify owning teams of violations. Toss cites (a) cost and (b) build flexibility as reasons for not adopting commercial tools like Wiz or Prisma.

Kakao strengthened KSec (Kakao Security) as an internal security organization in 2023 and operates its own CSPM/CWPP stack tailored to Korean data sovereignty requirements. After the Kakao data center outage (October 2022), security and resilience investments grew significantly, and home-built automation aligned to KISA's ISMS-P certification is a key strength.

Mercari in Japan announced in a 2024 security engineering blog post that it had officially adopted a GCP + Wiz stack. Since GCP is Mercari's primary cloud, SCC is the first-tier console, with Wiz serving as the multi-cloud (GCP + AWS) consolidated view. This became an important reference for Wiz's Japan market entry.

NTT, Japan's largest telecom/SI group, runs the country's largest Palo Alto Prisma Cloud reseller business through NTT Data's security division. NTT Communications' "Cloud Service Hub" helps Japanese enterprises adopt multi-cloud safely; inside the package, Prisma Cloud is the default CSPM and Cyera is the optional DSPM. The configuration is tailored to the conservative adoption patterns of Japanese enterprises.

LG CNS, Samsung SDS, and SK C&C in Korea sell CSPM under similar SI models. SK C&C signed an official Wiz partnership in 2024 to deploy across the SK Group. Samsung SDS proposes Prisma Cloud, Lacework (formerly), or Sysdig depending on the customer — a deliberate multi-vendor strategy.

15. Who Should Pick What — Startups / Enterprise / Multi-Cloud

**Seed–Series B startup (single AWS account, small team)**

- AWS Security Hub + GuardDuty + Inspector + Config (all AWS native)

- IaC scanning via Snyk Free or OSS Checkov

- Container scanning via Trivy OSS

- Total cost in the $500–$2,000/month range, covering 80% of threats

- If you have no dedicated security headcount, this is the ceiling — anything more is a waste of time

**Series C–D (starting multi-cloud, 1–5 security headcount)**

- Wiz (unified CSPM + CIEM + DSPM graph, fastest time-to-value)

- Add Sysdig if container depth is missing

- Pair with Snyk if developer workflow integration matters

- Cost range $20k–$80k/month (for 100–500 workloads)

**Enterprise (thousands of workloads, 10–100 security headcount)**

- Wiz (graph + multi-cloud) or Prisma Cloud (module breadth + NGFW bundle discount)

- Separate DSPM: Cyera or Varonis (Varonis if SaaS-data-heavy)

- CIEM: bundled with Wiz, or Sonrai (specialist)

- Runtime depth: Sysdig or Aqua (Aqua if Kubernetes-heavy)

- Cost range $200k–$2M/month (5k–50k workloads)

**Regulated industries (finance, healthcare, government)**

- Tenable (vulnerability + compliance mapping) + Prisma Cloud (CNAPP)

- Korea: needs automation mapped to KISA ISMS-P

- Japan: METI cloud security guidelines mapping

- US: FedRAMP / HIPAA / PCI-DSS mapping

**Cloud-native / Kubernetes-centric**

- Wiz (graph) + Sysdig (runtime depth) + Falco OSS (community rules)

- Add Aqua when OpenShift/Anthos is heavily used

- Add Snyk Container in the CI stage

**Microsoft 365 / Azure-centric**

- Defender for Cloud (free for Azure workloads)

- Microsoft Purview (DSPM, free/cheap)

- Add Wiz for multi-cloud; single-cloud is fine with Defender alone

The single most important principle is **"can I unify the graph?"** If you adopt two or three CNAPP tools and alerts surface in different consoles, cognitive load explodes for your security team. The 2026 playbook is to unify around one tool's graph model and treat the rest as auxiliary feeders into that graph.

16. References

- Google to acquire Wiz for $32 billion, Mar 2025 — https://blog.google/inside-google/message-ceo/google-wiz/

- Google Wiz acquisition closed analysis — https://www.theverge.com/2025/3/18/24385516/google-wiz-acquisition-32-billion

- Wiz rejects Google $23B offer, Mar 2024 — https://www.wsj.com/tech/wiz-google-deal-rejected-2024

- Fortinet acquires Lacework, May 2024 — https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2024/fortinet-completes-acquisition-of-lacework

- Gartner Magic Quadrant for CNAPP 2025 — https://www.gartner.com/en/documents/cnapp-mq-2025

- Wiz Security Graph technical overview — https://www.wiz.io/academy/security-graph

- Orca Security SideScanning patent — https://orca.security/platform/sidescanning/

- Aqua Trivy GitHub — https://github.com/aquasecurity/trivy

- Falco CNCF graduation — https://www.cncf.io/projects/falco/

- Sysdig CDR 5/5/5 benchmark — https://sysdig.com/blog/5-5-5-benchmark-cloud-detection/

- Prisma Cloud 4.0 Darwin release — https://www.paloaltonetworks.com/blog/prisma-cloud/prisma-cloud-darwin-release/

- Snyk Cloud product page — https://snyk.io/product/cloud-security/

- Tenable Cloud Security (Ermetic) — https://www.tenable.com/products/tenable-cloud-security

- Datadog Cloud Security Management — https://www.datadoghq.com/product/cloud-security-management/

- Microsoft Defender for Cloud docs — https://learn.microsoft.com/azure/defender-for-cloud/

- Google Security Command Center — https://cloud.google.com/security-command-center

- AWS Security Hub — https://aws.amazon.com/security-hub/

- Cyera DSPM platform — https://www.cyera.io/

- Varonis Data Security Platform — https://www.varonis.com/products/data-security-platform

- BigID Data Discovery — https://bigid.com/

- Sonrai Security CIEM — https://sonraisecurity.com/

- Permit.io — https://www.permit.io/

- Toss Security Engineering Blog — https://toss.tech/article/security-engineering

- Kakao KSec Security — https://tech.kakao.com/security/

- Mercari Engineering Cloud Security — https://engineering.mercari.com/blog/entry/security/

- NTT Communications Cloud Service Hub — https://www.ntt.com/business/services/cloud-service-hub.html

- Standard Webhooks and adjacent cloud security standards — https://www.standardwebhooks.com/