Compliance und Risiko
Cloud Security in the CNAPP Era: Eight Important Takeaways
Eight takeaways on why Trend Vision One™ embodies the best of today’s CNAPP vision. Includes insights from 2025 Gartner® Market Guide for CNAPP
Save to Folio
Cloud-native application protection platforms (CNAPP) are evolving from theoretical frameworks to operational imperatives. Trend Vision One™ Cloud Security stands out by delivering a unified, AI-enhanced, DevOps-friendly security fabric across hybrid and multi-cloud infrastructure.
In our opinion, this aligns with recommendations in the 2025 Gartner® Market Guide for CNAPP to “Focus on comprehensive and unified CNAPPs that provide extensive capabilities and support an open integration model for additional services. This approach ensures the required breadth and depth of functionality to seamlessly integrate across the entire development ecosystem and cloud platform environment."
Here are the eight takeaways that define why Trend Vision One™ embodies the best of today’s CNAPP vision.
1. CNAPP: The all-in‑one cloud-native security foundation
Trend Vision One doesn’t just check the boxes—it sets the standard, delivering powerful integrated capabilities. These include cloud workload protection for servers and containers, cloud risk posture management, vulnerability prioritization, runtime protection, and extended detection and response (XDR).
2. Seamless integration with DevOps and existing toolchains
Modern cloud environments demand tools that embed naturally within continuous integration and continuous delivery/deployment (CI/CD) workflows and APIs. The powerful CNAPP capabilities of Trend Vision One integrate natively with your pipelines, automating detection, reducing false positives, and unifying security across toolchains.
👉 Why it matters: We embed security directly into the developer’s world—CI/CD pipelines, IDEs, and APIs—eliminating friction and accelerating secure innovation. According to Gartner: “by having consistently enforced policies and risk-prioritizing remediation efforts, a unified CNAPP offering should reduce developer friction and improve developer experience.” We say: mission accomplished.
3. Deep visibility across hybrid, multi-cloud, and container workloads
Data generated across these environments can be overwhelming, making it difficult to identify relevant security threats and anomalies without advanced filtering and analysis capabilities. Trend Vision One extends protection across hybrid and multi-cloud environments. It delivers unified visibility, including granular container image scanning, runtime protection, and cloud workload alerts, all while preserving performance in auto-scaling workloads.
👉 Why it matters: This integration provides strong security without sacrificing efficiency or scalability. This is critical for protecting dynamic, complex cloud infrastructures. Gartner® calls for Bidirectional Collaboration. We deliver it at scale.
4. File security strategy for cloud workflows and storage
Beyond workloads and containers, cloud-native enterprises increasingly rely on distributed files across storage systems, applications, and workflows. Trend Vision One enables:
- File scanning in cloud storage, detecting malware, ransomware, and sensitive data exposures in buckets, shares, and storage repositories
- Application workflow protection, monitoring files moving through collaboration applications and cloud-native workflows
- A centralized CNAPP view, unifying the visibility and reporting of file-related threats alongside workloads, containers, and identities
👉 Why it matters: We extend CNAPP beyond workloads into the file layer. From malware detection in cloud storage to workflow protection, Trend Vision One ensures no asset escapes scrutiny. Gartner® recommends “inspection across all artifacts: containers, VMs, serverless functions and data storage.” We deliver full-spectrum coverage.
5. Proactive threat detection with XDR, AI and machine learning (ML), and zero trust principles
Organizations struggle to detect and respond to sophisticated threats across complex, diverse cloud environments, leading to potential blind spots, security breaches, and operational inefficiencies.
Trend Vision One elevates your CNAPP strategy with:
- Trend Vision One™ XDR for Cloud, leveraging over 700 detection models, threat intelligence, and automated playbooks for rapid detection and response
- AI, ML, and zero trust; harness global threat intelligence, AI-powered analytics, and zero trust frameworks to simplify security operations and unify risk management across endpoints, networks, cloud, and access points
👉 Why it matters: Trend Vision One fuses XDR, AI, ML, and zero trust into a single force multiplier for upleveled protection. Gartner® states that: “understanding of data context in unstructured and structured storage repositories is necessary to fully understand and address the context and prioritization of risks, but many CNAPP vendors don’t yet offer this.” We go even further, delivering real-time, actionable insights that cut through noise and help you drive a decisive response.
6. Expanding ecosystem reach and innovation via strategic partnerships
Maintaining comprehensive security across diverse cloud platforms is difficult, especially when implementing advanced AI-driven defenses and ensuring compliance with rigorous data governance standards. Evolving partnerships with Trend Micro reflect growing CNAPP influence, and our shared commitment to cloud and AI innovation.
These include:
- Broad, consistent support for the top five cloud providers including AWS, Azure, Google Cloud Platform™ (GCP), Oracle Cloud, and IBM, ensuring security wherever you run workloads
- Strong partnership with AWS
- Deep integration with AWS-native services, shared innovation on security posture management, and joint go-to-market initiatives to help make cloud adoption safer and faster
- First cybersecurity partnership to develop a pay-as-you-go model to protect cloud workloads and models applications based on your cloud usage
- Innovation with NVIDIA: Collaborations with NVIDIA accelerate AI-driven security capabilities and infrastructure performance, helping you protect and optimize AI workloads
- With GCP: Expanded Trend Vision One integration for sovereign and private cloud environments with Google Assured Workloads enhances secure data governance across hybrid, air‑gapped, and regulated operations
- Marketplace presence: Trend Vision One is now available in leading cloud marketplaces, simplifying adoption for global enterprises
👉 Why it matters: We’ve built an open integration architecture that spans the top five cloud providers and goes beyond.
Gartner® recommends to security leaders responsible for cloud security should “Focus on comprehensive and unified CNAPPs that provide extensive capabilities and support an open integration model for additional services. This approach ensures the required breadth and depth of functionality to seamlessly integrate across the entire development ecosystem and cloud platform environment.”
Trend Vision One is not just integrated—we’re everywhere you need us.
7. For CISOs: Turning cloud risk into board-level visibility
CISOs today are under pressure to show how security aligns with business outcomes. Trend Vision One helps you translate technical risk into business risk with:
- A unified risk dashboard, A single view correlating misconfigurations, vulnerabilities, and threats across cloud environments
- Business impact mapping, offering risk prioritization tied to critical applications and compliance frameworks
- Board-ready reporting, featuring automated insights that map CNAPP outcomes directly to resilience, compliance, and financial exposure
👉 Why it matters: Trend Vision One transforms technical risk into business intelligence.
8. For DevSecOps: Security supporting innovation
DevSecOps teams face the tension of delivering fast, secure, and scalable applications. Trend Vision One ensures security is embedded, not bolted on, with:
- Pipeline-native protection: Infrastructure as code (IaC) scanning, container image checks, and secret detection inside CI/CD pipelines
- Runtime guardrails, automating policy enforcement and anomaly detection without adding operational drag
- Frictionless collaboration for shared context across developers, operations, and security teams with minimal tool switching
👉 Why it matters: We support and empower developers. Trend Vision One provides guardrails, not gates, enabling secure innovation at full speed. Gartner® says “by having consistently enforced policies and risk-prioritizing remediation efforts, a unified CNAPP offering should reduce developer friction and improve developer experience,” and we agree. When proactively secure, developers can focus on building.
Closing thoughts
Gartner® says “As organizations shift to a DevSecOps life cycle for cloud-native applications, application teams are taking on greater responsibility for resolving security issues. Nevertheless, managing risk exposure remains a business obligation, with the security leadership accountable for addressing identified cloud risks. Look for a CNAPP solution that simplifies these challenges and provides business-level insight as risks are mitigated.”
We believe that, when security speaks the language of the board and developers, it becomes a true driver of innovation. With Trend Vision One, we not only meet that bar but raise it. The future of cloud security is proactive, and it’s yours for the taking with a single AI-powered enterprise cybersecurity platform.
Gartner, Market Guide for Cloud-Native Application Protection Platforms, 5 August 2025
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Copyright ©2025 Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro logo, Trend Vision One, and the t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their owners. Information contained in this document is subject to change without notice. Trend Micro, the Trend Micro logo, and the t-ball logo Reg. U.S. Pat. & Tm. Off. [BLG00_Cloud_Security_CNAPP_Blog_250924US]
For details about what personal information we collect and why, please see our Privacy Notice at trendmicro.com/privacy