(originally posted 6/21)

Every week brings another report of someone leaving an unsecured online storage container filled with sensitive customer data. Thanks to an increasing number of unintentional cloud configuration mistakes and an increasing importance of cloud infrastructure, we need tools that can find and fix these unintentional errors. That is where cloud security posture management (CSPM) tools come into play. These combine threat intelligence, detection, and remediation that work across complex collections of cloud-based applications. You can see a few of them above.

Vendors have been incorporating CSPM functions into their overall CNAPP or SSE platforms, including CrowdStrike, Palo Alto Networks, Wiz, Zscaler and Tenable. This means that the modern standalone CSPM tool has all but disappeared. In my latest revision on the category for CSOonline, I  mention some of the issues involving purchase decisions and mention three vendors that are still selling these tools.