Cloud Security Posture Management Completes Cloud Native Security

Shaun Donaldson

March 07, 2024

Cloud Security Posture Management Completes Cloud Native Security

The organizations we talk to, the analysts we engage with, and the partners of all shapes and sizes who help us solve customer problems said the same thing – if you really want to provide Cloud Native Security, you need Cloud Security Posture Management (CSPM). It also needs to be integrated in GravityZone, and it needs to be really, really good. Finally, it must include ways we can cover cloud infrastructure entitlements and map it all to compliance.

In response, we are launching GravityZone CSPM+, today. While it is no secret that our teams have been working on this since our acquisition of Horangi, the short time from the acquisition to delivering CSPM+ integrated within GravityZone clearly demonstrates that modular platforms and well-designed solutions can rapidly deliver seamless outcomes.

What is CSPM+?

CSPM is a part of cloud native security – also called Cloud Native Application Protection Platform (CNAPP) if you follow Gartner. The concept behind CSPM is simple – as public cloud grew and more platform features were added, the number of configurations also grew. Teams can now be faced with thousands of platform settings, and they must deliver functionality as soon as possible. This leads to understandable problems with:

  • Visibility into the resources that are running on public cloud
  • Understanding of misconfigurations which can leave security gaps

GravityZone CSPM+ takes minutes to set up, quickly identifies cloud resources, and provides details with actionable information about misconfigurations which an attacker can take advantage of. In this, automation is key – CSPM+ not only identifies where weaknesses are by investigating thousands of signals from your cloud providers, and presenting results in a way administrators can understand, but it also provides actionable guidance and insight.

CSPM+ is a part of GravityZone which is itself a cloud-based solution delivered from provider zones in the United States and Europe. As part of this launch, Bitdefender teams have worked with cloud partners to deliver a Singapore-based hosting region, expanding available options for our partners and customers.

What is the +?

The posture of your cloud environment isn’t just about platform configuration, it’s also about identities. Most people are used to thinking about identities as user accounts which are assigned to humans. That is still true, but identities are also assigned to services, like web servers or databases. Every identity should have the least required permissions because the result of an over-privileged identity being compromised (or the service which uses it) can be devastating.

Cloud Infrastructure Entitlement Management (CIEM) is included in GravityZone CSPM+. Think of it as Identity and Access Management (IAM) security for cloud.

GravityZone CSPM+ assembles details about identities and entitlements, stitches them together, and presents them graphically so administrators can visually identify over-privileged accounts.

How does this help with compliance?

GravityZone CSPM+ has an in-depth view of configuration and identity settings. It also goes a step further by mapping these settings against rules and best practices which include compliance standards such as PCI DSS, NIST, APRA, GDPR, ISO 27001, and others. What would otherwise be a significant burden on security and operations teams becomes automated with CSPM+.

What is the broader cloud native view?

CSPM is only part of what organizations need to embrace cloud with confidence. CSPM is part of prevention (limiting the attack surface) and needs to be followed by protection (defeating active threats at the workload and container level), and detection and response (at the endpoint with endpoint detection and response and across the enterprise with extended detection and response).

Bringing CSPM and Cloud Workload Security together in a single platform from a single vendor with management from a single console brings a lot of technology together. A single platform means there is one source that rolls up data and transforms it, via Incident Advisor, into human-readable graphical representations of incidents with actionable outcomes. Consolidation together with powerful automation allows administrators to get right to the point, saving time, reducing management burden, and shortening the time to positive security outcomes.


Teams which are focused on delivering business outcomes don’t have the luxury of having parallel teams providing security at every step. Security and delivery are increasingly streamlined, and the platforms teams use must deliver human-actionable outcomes to reduce risk and increase compliance. Bitdefender has delivered GravityZone CSPM+ to help move your teams forward.

Contact an expert



Shaun Donaldson

Shaun Donaldson is Editor-at-large at Bitdefender Enterprise. Shaun is also responsible for supporting relationships with strategic alliance partners and large enterprise customers, and analyst relations. Before joining Bitdefender, Mr. Donaldson was involved in various technology alliances, enterprise sales and marketing positions within the IT security industry, including Trend Micro, Entrust, Bell Security Solutions and Third Brigade.

View all posts

You might also like