Join our daily and weekly newsletters for the latest updates and the exclusive content on AI coverage. Learn more
Real history: speed and safety on a DevOps scale
The real story behind Google Acquire Wiz is how the speed need dominates the applications, models and platforms of each company of each company without sacrificing security.
By acquiring WIZ, Google obtains a Native Application Protective Platform Infused at AI (CNAPP) designed to eliminate DevSecops strangulation bottlenecks, prevent attacks by and on development models, prevent cloud breaches and evolve multi-cloud safety in real time. The WIZ CNAPP platform has acquired a global reputation using AI to improve its detection of threats, predictive analyzes, automated repair and reduction of false positives.
WIZ will integrate Google’s risks, threat intelligence and automated sanitation, which are all table issues to protect each stage of the development of application -based apps and models. It is a solid contribution to the safety engine based on WIZ graphics designed to find and contain attack paths instantly, prioritize real risks and help the security teams to identify and correct vulnerabilities before being exploited.
Google paying $ 32 billion in cash signals how urgent the need for speed is between the DevOps cycles which have requested a CNAPP platform led by the AI which can flex and evolve to follow the more complex Devops cycles.
“While Google Cloud Platform (GCP) has invested in integrated CNAPP capacities for the native security of their own platform successfully, these tools were mainly concentrated solely on the protection of GCP termination / active points,” said Andras CSER, vice-president and main analyst at AT at GCP AT Fork.
CSER added: “After the early acquisition of Microsoft in 2021 from Cloudknox and the development of Defender for Cloud, Google feels the pressure to offer a real multicolial CNAPP tool Multi-Cloud. »»
Google has just made Cnapp Formula 1 for cloud safety
In professional races, as in DevOps, the teams are obsessed with the pressing of the last ounce of speed of their engines or their code. Knowing that a few milliseconds won by reducing the drag on a Formula 1 car or making slight engine improvements, the difference between a winning season or not.
CNAPP is one of the engines that DevOps and DevSecops teams rely to reduce risks, block intrusions and violations, and provide a 360 view of CI / CD pipelines to ensure that they are secure. Having a CNAPP which is led by AI offers more precise correction and orientation, a contextual intelligence of threats and blocks attempts to intrusion on the CI / CD pipelines protecting the code.
“While WIZ is the most focused on the CNAPP, the company’s product offers are bleeding in the safety space traditional applications, with container and Kubernetes safety parts. Recently, WIZ has extended to security in the software development phases with software composition analysis (SCA), IAC Scanning and Secrets Scanning, as well as diving in the use of the software supply chain with a position of materials (SBOM) and CD / CD / CD safety posture. Rivating with suppliers of applications safety tests and other CNAPP suppliers who “shifted to the left,” said Janet Worthington, Senior Analyst of Forrester.
DevOps teams are constant, increasing pressure to deliver. With bonuses that often go up if a delivery date for the code is respected, security is nailed at the end of a CI / CD cycle or the product calendar. Venturebeat has learned that the typical 1,000 IT service has more than 175 active and simultaneous devops operating at the same time, many that have no coherent cloud application security. In other words, these 175 projects work in a variety of unprotected cloud environments without a common CNAPP platform to protect them. This endangers the entire DEVOPS pipeline which is a decision taken to reduce the marketing time which leaves dozens of risk projects.
Why Google doubled on Wiz
Google’s ambitions to develop Google Cloud Platform (GCP) needed a cybersecurity platform that could go from start to finish, protect DevOps and strengthen DevSecops while taking advantage of AI to offer a real-time threat detection, automated remedy and complete cloud security.
The real objective of this acquisition is to have a unified CNAPP solution capable of securing everything, from code to cloud to the other, ensuring that security no longer slows down development but accelerates it. Risk analysis, the risks of attack and the multi-cloud security of WIZ, give GCP a competitive advantage, making it a viable competitor in a market increasingly congested by companies with speed, scale and resilience in cloud safety.
“Google has invested massively in applications safety tools which protect the applications deployed not only in GCP, but in other clouds (and on-site). Google’s investment in its Cloud armor platform has added web application firewall features which is competitive not only with Microsoft and AWS, but with other WAF analyst suppliers. Carielli.
“In the past few months, Google has started to extend its API management product, APIGEE, in wider API security use. Although there are still shortcomings to fill, adding WIZ to combined cloud armor, recaptcha and apigance offers are closer to a holistic defense history for cloud applications,” continued Carielli.
Google needed a CNAPP unified by AI to turboch its cybersecurity activity. Whoever brings together the management of the safety posture, the protection of the workload, the advanced detection of threats in a high performance safety engine. Mistes by having a partitioned approach to security in the past, Google now seeks to have an adaptive and flexible platform that can ensure safety at the development of cloud applications.
Before this agreement, the GCP security tool box was solid, but evidenced by its Chronicle SIEM, Mandiant Threat Intel and a wide variety of partner solutions that have created roadblocks through the CI / CD pipeline. The acquisition of WIZ packed a major gap in their cybersecurity strategy by providing an integrated AI platform focused on AI which scans cloud environments in a few minutes and identifying the risks in real time.
CNAPP has a fast lane with informed competitors of AI
THE CNAPP global market was estimated at around $ 9.79 billion in 2023 and is expected to reach $ 38.01 billion by 2030, increasing at an annual growth rate (TCAC) by around 21.8% during the forecast period. Gartner notes that the end user calls on CNAPPs increased from 29% from 2023 to 2024, emphasizing the management of the safety posture of the cloud (CSPM) motivated by compliance and easy deployment of API, with expectations of visibility and execution control.
“The detection and response of Wiz Offense Wiz Defend keys adopt a different approach to the detection and response of the cloud. Instead of counting on the detection capacities integrated in its own cloud protection tools, it offers a unified tool only for detection and response which takes alerts and data to the lightness of detection. ”
“This reduces the cloud alert volumes at a critical moment. With this acquisition, it will put pressure on other suppliers to consolidate in the same way – a great victory for the safety operations teams,” said Mellen.
The CNAPP market is increasingly becoming Formula 1 for cloud safety, with Google, Microsoft, Palo Alto Networks, Crowdstrike and Check Point leading.
- Check the Cloudguard point: A CNAPP solution designed for multi-cloud safety, execution protection and automated compliance application. Agent security and without Cloudguard agent helps protect workloads, Kubernete environments and server -free applications.
- Crowdsstrike Falcon Cloud Security: Going from cloud terminal security, Crowdstrike brings its intelligence management on threats to CNAPP. Falcon Cloud Security provides visibility of the Cloud code, an IAC scanner and detection of execution threats, strengthening the prevention of proactive violations.
- Microsoft Defender for Cloud: A deeply integrated CNAPP which extends to Azure, AWS and GCP, providing execution protection, identity security and information on AI threats. With the security co -pilot, Microsoft takes advantage of the generative AI to automate the detection and sanitation of threats.
The other CNAPP suppliers on the market include Aqua Security, LaceWork, Orca Security, Palo Alto Networks, Sentineone, Sysdig and Trend Micro offering all solutions for cloud safety, workload protection and posture management.
The CNAPP race compatible with AI has only just started
Google’s decision to make their greatest acquisition in its history indicates that they see the pain of slow processes to be clarified in companies that they can quickly turn into a new profitable part of their cybersecurity business. CNAPP is the racing engine that their lawsuits and current customers are looking for.
For CISOs and security leaders, the main dishes to remember are clear: the future of cloud safety belongs to platforms that integrate AI, automate risk detection and offer complete visibility in multi-cloud environments. The question of whether Google’s CNAPP propelled by Google will take the lead will depend on the way it fits as a result of AI intelligence and security operations in Google.
Conclusion: Companies need CNAPP solutions fed by AI to rationalize CI / CD security and reduce the cloud safety load in DevOps teams. Competition between suppliers – led by Google’s thrust powered by Google – will be won by those who best integrate AI, automate risk detection and offer complete visibility in multi -slop environments.
