{"id":96941,"date":"2024-07-31T13:01:26","date_gmt":"2024-07-31T13:01:26","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?post_type=glossary&#038;p=96941"},"modified":"2026-03-24T16:08:12","modified_gmt":"2026-03-24T14:08:12","slug":"what-is-cnapp","status":"publish","type":"learn","link":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/","title":{"rendered":"What is CNAPP?"},"content":{"rendered":"<section class=\"section-article-tldr\">\n            <div class=\"acf-innerblocks-container\">\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-1\">Summary<\/h2>\n\n\n<p>Cloud-Native Application Protection (CNAPP) is the tools, technologies and practices designed to provide protection for cloud-native applications\u2019 network and infrastructure. Cloud-native application security complements the AppSec aspect of these applications.<\/p>\n\n<\/div>\n        <\/section>\n\n\n<p><\/p>\n\n\n\n<p>Cloud-Native Application Protection (CNAPP) is the tools, technologies and practices designed to provide protection for cloud-native applications\u2019 network and infrastructure. The cloud is dynamic and scalable, but also introduces new and complex security challenges. With CNAPP, enterprises can enhance their cloud architecture security posture, across workloads and in runtime, while streamlining operations and improving visibility and control.<\/p>\n\n\n\n<p>The CNAPP definition is to consolidate multiple security tools and practices into a single platform, allowing it to provide a holistic security posture for cloud-native environments. This includes integrating functionalities such as:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Cloud Workload Protection Platform (CWPP) <\/strong>&#8211; Protects workloads across virtual machines, containers and serverless functions against threats and vulnerabilities.<\/li>\n\n\n\n<li>\n<strong>Identity and Access Management (IAM)<\/strong> &#8211; Ensures that only authorized users and services can access resources, applying least privilege principles. This can be expanded to <strong>CIEM<\/strong>, Cloud Infrastructure Entitlement Management, that manages identities across the cloud.<\/li>\n\n\n\n<li>\n<strong>Cloud Security Posture Management (CSPM)<\/strong> &#8211; Ensures compliance with security policies and regulations by continuously scanning and monitoring the configuration of cloud resources.<\/li>\n\n\n\n<li>\n<strong>Runtime Container Security<\/strong> &#8211; Specialized security measures for <a href=\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/\">container<\/a> environments in runtime, including runtime monitoring and vulnerability management.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-2\">What CNAPP Protects<\/h2>\n\n\n\n<p>CNAPP means a unified solution for securing all runtime cloud capabilities. These include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud workloads, like containers, serverless functions and virtual machines.<\/li>\n\n\n\n<li>Cloud infrastructure, like the cloud network, cloud services and Kubernetes clusters.<\/li>\n\n\n\n<li>Data across databases, and storage, as well as data in transit and data at rest.<\/li>\n\n\n\n<li>IAM, including access to cloud resources and service accounts.<\/li>\n\n\n\n<li>Compliance enforcement across the cloud.<\/li>\n<\/ul>\n\n\n\n<p>That being said, it\u2019s important to also understand the <a href=\"https:\/\/aws.amazon.com\/compliance\/shared-responsibility-model\/\">shared responsibility model<\/a> with public cloud providers, which also protect certain aspects of cloud architecture. Doing so ensures all aspects of cloud security are being protected.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-3\">Why is CNAPP Security Important<\/h2>\n\n\n\n<p>Cloud-native applications, built and deployed using modern technologies like microservices, containers and serverless architectures, bring remarkable flexibility and scalability. However, this complexity introduces <a href=\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-application-security-checklist-for-leaders\/\">new security challenges.<\/a><\/p>\n\n\n\n<p>Cloud-native architectures are usually more complex and distributed than monolith infrastructure. This increases the attack surface, creates blind spots and introduces new security risks, requiring bespoke security solutions and meticulous security management.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"872\" height=\"456\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Fututre-of-Appsec-Technologies.png\" alt=\"Future of Appsec CNAPP technology \" class=\"wp-image-96942\" srcset=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Fututre-of-Appsec-Technologies.png 872w, https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Fututre-of-Appsec-Technologies-300x157.png 300w, https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Fututre-of-Appsec-Technologies-768x402.png 768w\" sizes=\"(max-width: 872px) 100vw, 872px\" \/><\/figure>\n\n\n\n<p>In addition, cloud-native architectures frequently scale and change, with containers and services being created and destroyed rapidly. This ever-changing infrastructure nature necessitates continuous monitoring and adaptive security measures. Yet, many current security solutions are either not built for the cloud or operate in silos, further augmenting complexity.<\/p>\n\n\n\n<p>CNAPP helps provide&nbsp; comprehensive visibility, protection and access management across the entire cloud-native stack, while identifying and remediating issues in cloud infrastructure and network settings. CNAPP solutions were built specifically for cloud network and infrastructure, providing specialized technological solutions for cloud-native applications in runtime.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-4\">How Does CNAPP Work?<\/h2>\n\n\n\n<p>CNAPP is a concept that unifies multiple cloud security capabilities. The result of this consolidation is solutions that performing the following actions:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Providing a unified view of the security posture across all cloud environments, offering real-time visibility into runtime security issues across the network and infrastructure.<\/li>\n\n\n\n<li>Continuously monitoring applications and infrastructure for vulnerabilities, misconfiguration, compliance issues, anomalies and runtime threats.<\/li>\n\n\n\n<li>Applying security patches, fixing misconfigurations and remediating vulnerabilities based on predefined policies and prioritization.<\/li>\n\n\n\n<li>Enforcing security policies and compliance requirements, ensuring adherence to industry standards (e.g., HIPAA, GDPR).<\/li>\n\n\n\n<li>Maintaining detailed logs and audit trails for compliance reporting and forensic analysis.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-5\">Best Practices for CNAPP<\/h2>\n\n\n\n<p>CNAPPs are valuable solutions for securing cloud architecture and infrastructure. Here are some best practices to follow for implementing CNAPP:<\/p>\n\n\n\n<p>1. Continuously discover and inventory all cloud resources and workloads to ensure complete visibility across your cloud environments.<\/p>\n\n\n\n<p>2. Understand the relationships and dependencies between assets to better assess risk and implement security controls.<\/p>\n\n\n\n<p>3. Apply the principle of least privilege to limit access to resources and minimize the attack surface.<\/p>\n\n\n\n<p>4. Scan and monitor for vulnerabilities and misconfigurations that put cloud environments at risk.<\/p>\n\n\n\n<p>5. Employ runtime security that monitors and analyzes the behavior of cloud-native applications to detect and respond to anomalies and threats in real time.<\/p>\n\n\n\n<p>6. Apply data encryption, both at rest and in transit, and use strong access controls to protect sensitive data.<\/p>\n\n\n\n<p>7. Implement automated response solutions, such as orchestration workflows, to quickly mitigate detected threats without manual intervention.<\/p>\n\n\n\n<p>8. Regularly conduct audits ensure continuous compliance with industry regulations and standards such as GDPR, HIPAA and PCI DSS.<\/p>\n\n\n\n<p>9. Foster a culture of security by promoting collaboration between security teams, developers and operations. Use cross-functional teams to ensure that security is a shared responsibility.<\/p>\n\n\n\n<p>10. Complement CNAPP with a cloud-native application security solution for AppSec teams to cover the development aspect of your applications as well as legacy applications.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-6\">CNAPP Risks and Implementation Challenges<\/h2>\n\n\n\n<p>CNAPP was devised to protect against the risks associated with the cloud, focusing mainly on clod infrastructure and runtime. However, security and development teams face challenges when implementing CNAPP. These include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Visibility Limitations<\/strong> &#8211; While CNAPPs aim to provide comprehensive visibility into cloud-native environments, they might not fully capture all interactions or detect all types of vulnerabilities. They cannot accurately pinpoint the source of the vulnerability or risk, and cannot guide developers which line of code or library to fix. In addition, they lack visibility into (and protection of) legacy applications. This partial visibility can leave blind spots for attackers to exploit.<\/li>\n\n\n\n<li>\n<strong>Application Security <\/strong>&#8211; While CNAPP tools cover the runtime aspect of cloud-native applications, they lack the ability to identify and detect vulnerabilities and malicious code before they become an expensive security risk. Cloud-native application security is able to identify and remediate the vulnerability in code, together with developers, providing quick and accurate fixes before they reach customers and incident response or SOC teams.<\/li>\n\n\n\n<li>\n<strong>Shared Responsibility Model<\/strong> &#8211; Public cloud providers like AWS, GCP and Azure provide a certain layer of security to cloud infrastructure. However, they do not protect the cloud end-to-end. Inexperienced use of CNAPP might lead to security issues falling between the cracks. It\u2019s important to understand which aspects the cloud provider protects and how to complement its controls.<\/li>\n\n\n\n<li>\n<strong>Integration Challenges<\/strong> &#8211; CNAPPs need to integrate seamlessly with various components of the cloud-native ecosystem, such as CI\/CD pipelines, container orchestration tools and cloud service providers. Incompatibilities or integration issues can hinder their ability to provide complete coverage and real-time threat detection.<\/li>\n\n\n\n<li>\n<strong>Configuration Errors<\/strong> &#8211; Misconfiguration of CNAPP tools can lead to significant security gaps. Since CNAPPs often require complex setups to monitor and protect a dynamic cloud environment effectively, incorrect configurations can expose applications to threats.<\/li>\n\n\n\n<li>\n<strong>False Positives\/Negatives<\/strong> &#8211; Effective threat detection depends on the accuracy of the CNAPP\u2019s analysis capabilities. High rates of false positives can lead to alert fatigue among security teams, while false negatives can mean serious threats go unnoticed.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-7\">CNAPP vs. Cloud Native Application Security<\/h2>\n\n\n\n<p>There are two main and complementary approaches to securing applications: <a href=\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-cnas-best-practices\/\">Cloud Native Application Security<\/a> and CNAPP. While they share the goal of safeguarding software, they differ in scope, approach and implementation.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Security Scope<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Cloud Native Application Security<\/strong> specializes in application security, integrating closely with the development and deployment processes. This includes both cloud-native and legacy applications, and covers the entire SDLC.<\/li>\n\n\n\n<li>\n<strong>CNAPP<\/strong> covers security across networks and infrastructure in runtime, and is limited to cloud environments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Visibility and Control<\/h3>\n\n\n\n<p>Both Cloud Native Application Security and CNAPP offer visibility. While <strong>CNAPP<\/strong> provides comprehensive visibility and control over the cloud infrastructure, <strong>Cloud Native Application Security<\/strong> connects visibility into actionable remediation guidance developers can implement before issues go live, seeing the entire development cycle from coding to deployment.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Development Integrations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Cloud Native Application Security<\/strong> integrates security practices into the DevOps pipeline, ensuring security is considered throughout the development and deployment process and involving developers in the process.<\/li>\n\n\n\n<li>\n<strong>CNAPP<\/strong> is focused on runtime, working with DevOps but also IT and security professionals.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-8\">Benefits of Cloud Native Application Security vs. CNAPP&nbsp;<\/h2>\n\n\n\n<p>Should you choose cloud native application security or CNAPP solutions? The two categories complement each other. Here are the benefits of each:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">CNAPP Benefits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Broad scope<\/strong> &#8211; CNAPPs cover a broad range of security aspects, including CSPM, CIEM (IAM) and CWPP. They do not cover AppSec or legacy applications.<\/li>\n\n\n\n<li>\n<strong>Cloud Environment Visibility<\/strong> &#8211; CNAPP solutions provide an overarching view of the cloud environment, identifying misconfigurations, compliance issues and vulnerabilities across the entire infrastructure.<\/li>\n\n\n\n<li>\n<strong>Runtime Security<\/strong>&#8211;\u00a0 CNAPPs offer runtime insights, detecting vulnerabilities and threats in live environments. They help prioritize which live vulnerabilities to address first, based on real-time data.<\/li>\n\n\n\n<li>\n<strong>Streamlined Cloud Security<\/strong> &#8211; CNAPP consolidation facilitates better coordination between security teams, reduces complexity and improves overall security posture.<\/li>\n<\/ul>\n\n\n\n<p>However, CNAPPs\u2019 focus on cloud infrastructure and runtime means they lack specialization in AppSec and the development aspect of applications. As a result, they cannot help detect vulnerabilities and risks before they go live, which is a more cost-effective approach. This also means they are not a developer-friendly tool, which makes security fix implementation more challenging. In addition, CNAPPs only secure cloud-native applications, but they do not provide protection for non-cloud, legacy apps, which many enterprises rely on.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Cloud-Native Application Security Benefits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Early Detection<\/strong> &#8211; Cloud-native application security emphasizes identifying and addressing vulnerabilities during the development phase, before applications go live.<\/li>\n\n\n\n<li>\n<strong>Specialized Tools<\/strong> &#8211; <a href=\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-application-security-enterprise-guide\/\">Cloud-native application security tools<\/a>, such as Static Application Security Testing (SAST) and Software Composition Analysis (SCA), are highly specialized and effective in finding and fixing code-level issues.<\/li>\n\n\n\n<li>\n<strong>Developer-Friendly <\/strong>&#8211; Cloud-native application security solutions are designed to integrate seamlessly with CI\/CD pipelines, making it easier for developers to incorporate security into their workflows and building trust between developers and security teams.<\/li>\n\n\n\n<li>\n<strong>Granular Insights <\/strong>&#8211; They provide detailed insights into the codebase, helping developers understand and fix vulnerabilities down to the line of code.<\/li>\n\n\n\n<li>\n<strong>Support for All Applications<\/strong> &#8211; Unlike CNAPPs, which primarily focus on cloud-native environments, cloud-native application security can also address vulnerabilities in legacy and non-cloud applications that companies continue to rely on.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-9\">Checkmarx Cloud Native Application Security Solution&nbsp;<\/h2>\n\n\n\n<p><a href=\"https:\/\/checkmarx.com\/product\/application-security-platform\/\">Checkmarx&#8217;s cloud application security platform<\/a>, Checkmarx One, offers a unified solution to secure applications from development to deployment. The platform integrates seamlessly into the SDLC and DevSecOps pipelines, ensuring comprehensive security across code, APIs, containers and infrastructure, both in the cloud and for legacy applications. Checkmarx reduces false positives, uses AI to enhance productivity, builds dev-sec trust, reduces TCO and improves security outcomes. This is done by identifying issues early and accurately pinpointing vulnerabilities and providing developers with accurate guidance on remediating issues.<\/p>\n\n\n\n<p>Capabilities of Checkmarx One&#8217;s cloud application security platform include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Static Application Security Testing (SAST)<\/li>\n\n\n\n<li>Dynamic Application Security Testing (DAST)<\/li>\n\n\n\n<li>Software Composition Analysis (SCA)<\/li>\n\n\n\n<li>Software Bill of Materials (SBOM)<\/li>\n\n\n\n<li>Software Supply Chain Security (SSCS)<\/li>\n\n\n\n<li>API Security<\/li>\n\n\n\n<li>Container Security<\/li>\n\n\n\n<li>Infrastructure as Code (IaC) Security<\/li>\n<\/ul>\n\n\n\n<p>Checkmarx secures applications, since CNAPP lacks the ability to provide comprehensive application security. Checkmarx integrates with leading CNAPP providers like Wiz and Sysdig to provide comprehensive visibility that drives early remediation, for both AppSec managers and developers.&nbsp;Learn more about how Checkmarx can secure your applications by <a href=\"https:\/\/checkmarx.com\/request-a-demo\/\">requesting a demo.<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-10\"><strong>The Ultimate Code to Cloud Checklist\u00a0<\/strong><\/h2>\n\n\n\n<p>Protecting your applications from code to cloud means that security is engrained in every step of the software development lifecycle (SDLC), starting from the very first line of code.\u00a0<br>If you&#8217;re looking to unlock the secrets of an effective enterprise code to cloud AppSec strategy, we\u2019re here to help you get started!<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/info.checkmarx.com\/code-to-cloud-checklist-2024?utm_source=glossary&amp;utm_medium=organic&amp;utm_campaign=SEO\/\"><img decoding=\"async\" width=\"800\" height=\"800\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Code-to-Cloud-implmentation-checklist.jpg\" alt=\"ultimate code to cloud checklist download\" class=\"wp-image-96943\" srcset=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Code-to-Cloud-implmentation-checklist.jpg 800w, https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Code-to-Cloud-implmentation-checklist-300x300.jpg 300w, https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Code-to-Cloud-implmentation-checklist-150x150.jpg 150w, https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/Code-to-Cloud-implmentation-checklist-768x768.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>\u00a0<\/p>\n\n\n\n<p><a href=\"https:\/\/info.checkmarx.com\/code-to-cloud-checklist-2024?utm_source=glossary&amp;utm_medium=organic&amp;utm_campaign=SEO\">Download<\/a> our free printable checklist now to start protecting your enterprise applications from code to cloud! <\/p>\n\n\n\n<p><\/p>","protected":false},"author":32,"featured_media":106858,"parent":0,"menu_order":0,"template":"","meta":{"_acf_changed":false,"footnotes":""},"learn-cat":[852],"class_list":["post-96941","learn","type-learn","status-publish","has-post-thumbnail","hentry","learn-cat-code-to-cloud-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>What is CNAPP?<\/title>\n<meta name=\"description\" content=\"CNAPP protects cloud applications\u2019 network and infrastructure. Here\u2019s how CNAPP works and how to overcome its drawbacks with modern AppSec solutions.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is CNAPP?\" \/>\n<meta property=\"og:description\" content=\"CNAPP protects cloud applications\u2019 network and infrastructure. Here\u2019s how CNAPP works and how to overcome its drawbacks with modern AppSec solutions.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-24T14:08:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/\"},\"author\":{\"name\":\"Rebecca Spiegel\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/a3ab30b42e891e3562aa46a70bbb0674\"},\"headline\":\"What is CNAPP?\",\"datePublished\":\"2024-07-31T13:01:26+00:00\",\"dateModified\":\"2026-03-24T14:08:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/\"},\"wordCount\":1915,\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/\",\"url\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/\",\"name\":\"What is CNAPP?\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp\",\"datePublished\":\"2024-07-31T13:01:26+00:00\",\"dateModified\":\"2026-03-24T14:08:12+00:00\",\"description\":\"CNAPP protects cloud applications\u2019 network and infrastructure. Here\u2019s how CNAPP works and how to overcome its drawbacks with modern AppSec solutions.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#primaryimage\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp\",\"width\":1200,\"height\":600,\"caption\":\"Code to Cloud Security Knowledge hub cover\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/a3ab30b42e891e3562aa46a70bbb0674\",\"name\":\"Rebecca Spiegel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_32.jpg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_32.jpg\",\"caption\":\"Rebecca Spiegel\"},\"url\":\"https:\/\/checkmarx.com\/author\/rebecca\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is CNAPP?","description":"CNAPP protects cloud applications\u2019 network and infrastructure. Here\u2019s how CNAPP works and how to overcome its drawbacks with modern AppSec solutions.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/","og_locale":"en_US","og_type":"article","og_title":"What is CNAPP?","og_description":"CNAPP protects cloud applications\u2019 network and infrastructure. Here\u2019s how CNAPP works and how to overcome its drawbacks with modern AppSec solutions.","og_url":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_modified_time":"2026-03-24T14:08:12+00:00","og_image":[{"width":1200,"height":600,"url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp","type":"image\/webp"}],"twitter_card":"summary_large_image","twitter_site":"@checkmarx","twitter_misc":{"Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#article","isPartOf":{"@id":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/"},"author":{"name":"Rebecca Spiegel","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/a3ab30b42e891e3562aa46a70bbb0674"},"headline":"What is CNAPP?","datePublished":"2024-07-31T13:01:26+00:00","dateModified":"2026-03-24T14:08:12+00:00","mainEntityOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/"},"wordCount":1915,"publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/","url":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/","name":"What is CNAPP?","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#primaryimage"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp","datePublished":"2024-07-31T13:01:26+00:00","dateModified":"2026-03-24T14:08:12+00:00","description":"CNAPP protects cloud applications\u2019 network and infrastructure. Here\u2019s how CNAPP works and how to overcome its drawbacks with modern AppSec solutions.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/learn\/cloud-security\/what-is-cnapp\/#primaryimage","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/03\/code-to-cloud-security.webp","width":1200,"height":600,"caption":"Code to Cloud Security Knowledge hub cover"},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]},{"@type":"Person","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/a3ab30b42e891e3562aa46a70bbb0674","name":"Rebecca Spiegel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_32.jpg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_32.jpg","caption":"Rebecca Spiegel"},"url":"https:\/\/checkmarx.com\/author\/rebecca\/"}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/96941","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/learn"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/32"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/96941\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media\/106858"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=96941"}],"wp:term":[{"taxonomy":"learn-cat","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn-cat?post=96941"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}