CNAPP Market Array Feedback Panel

CNAPP Vendors Benefit from Security Budgets and Multi/Hybrid Cloud

Erik Bradley | ETR Research 

| June 21, 2024

ETR Insights presents a panel discussion with four IT security executives who give an overview of CNAPP and broader cloud security efforts amid ongoing digital transformation and the rollout of AI. This panel is a follow-up to the existing CNAPP Observatory and accompanying Market Array data.

Despite overall IT spending declines, organizations are increasing their security budgets to manage risk, focusing on competitive positioning and eventual tool consolidation. Data security and regulatory compliance are key—both particularly complex in hybrid cloud environments—with an emphasis on Zero Trust principles throughout. Microsoft Defender for Cloud leads all vendors in overall market Presence, though Wiz leads in Momentum and integrates particularly well within DevSecOps and Infrastructure as Code.


According to our panelists, Dynatrace and Datadog battle for workload protection and cloud security posture management; CrowdStrike and SentinelOne are highly regarded for CNAPP among existing endpoint and XDR customers; Zscaler rides the wave of Zero Trust models; and Palo Alto Networks and Cisco still offer strong solutions for existing customers. Read on to learn how these executives best align security investments and business priorities, the importance of real-time monitoring, and the challenges of integrating security tools across diverse and legacy environments.

Vendors Mentioned: Microsoft / CrowdStrike / Datadog / Dynatrace / Orca / Palo Alto Networks / Cisco Panoptica / Runecast / Sentinel One / Sophos / Wiz / Zscaler

ETR Data: In ETR's Market Array for CSPM/CNAPP tools, end users in our ITDM community provided utilization and evaluation metrics across the selected vendor universe. See the full Market Array data for spend intent, usage growth, stickiness vs. churn, ROI, and so much more.

Key Takeaways from the CNAPP Observatory and Market Array Feedback Panel

1. Organizations are increasing their security budgets, focusing on competitive positioning and eventual (but delayed) tool consolidation due to rising security concerns tied to digital transformation and AI, as well as the need to address cyber threats, regulatory compliance, and reputational risks.

2. Data security and regulatory compliance are key priorities in hybrid cloud environments. Organizations are seeking unified security solutions to address complexities introduced by managing security in such environments, such as disparate policies, diverse security controls, and data transfer between clouds.

3. Microsoft Defender for Cloud leads all vendors in overall Presence within the CNAPP space, favored by organizations all-in with Microsoft E-5 licenses. Other vendors like Wiz -- which leads overall Momentum -- Dynatrace, and Datadog compete for workload protection and cloud security posture management, while CrowdStrike and SentinelOne are highly regarded for CNAPP among existing endpoint and XDR customers.

4. Zero Trust principles, particularly in the finance sector, are important. Financial services companies are implementing Zero Trust frameworks and looking for solutions that can encrypt data, manage access controls, implement data loss prevention measures, and provide robust incident response and threat detection capabilities. Zscaler was mentioned as being thematically aligned.

5. Budgeting must align with product teams and customer demand. Security teams need to manage risk to customer information while supporting regulatory obligations and making it a competitive sell. Niche companies are capturing budgets previously reserved for legacy vendors as they expand their capabilities into the data center. Integration of security tools in diverse environments is a significant challenge, with ROI, cost, and efficacy being important considerations.


Review the full feedback panel summary for further details, including direct vendor feedback and commentary on the current state of the CSPM/CNAPP space. The full transcript and recording of the panel are also available. You can gain access to them and the underlying data set that evaluates all of the listed companies' CNAPP offerings by reaching out to a member of our service team. If you would like to check out the ETR research platform for yourself, get started with a free trial.  

Enterprise Technology Research (ETR) is a technology market research firm that leverages proprietary data from our targeted IT decision maker (ITDM) community to provide actionable insights about spending intentions and industry trends. Since 2010, we have worked diligently at achieving one goal: eliminating the need for opinions in enterprise research, which are often formed from incomplete, biased, and statistically insignificant data. Our community of ITDMs represents $1+ trillion in annual IT spend and is positioned to provide best-in-class customer/evaluator perspectives. ETR’s proprietary data and insights from this community empower institutional investors, technology companies, and ITDMs to navigate the complex enterprise technology landscape amid an expanding marketplace. Discover what ETR can do for you at