Gartner released a “Market Guide for Cloud Workload Protection Platforms” in the April of 2019. Trusted Access Technologies, formerly Security Code was again mentioned as a representative vendor of security solutions mentioned in the report.
According to Gartner “At YE18, we estimated that the CWPP market was in the range of $600 million to $700 million in revenue with aggregate double-digit year-over-year growth.” (Market Guide for Cloud Workload Protection Platforms, 8 April 2019, ID: G00356240 Page 4).
The analytical company highlights the following trends that have influenced the growth of the market:
- Workloads are being moved from on-premises to public cloud IaaS, and the overall number of IaaS workloads is growing.
- In public cloud IaaS, workload-centric host-based CWPP solutions provide an easier architectural option for enforcing security policy than traditional in-line network-based security controls. Workload-based offerings automatically scale out and back as the number of workloads increases and decreases.
- Likewise, the need for pervasive Secure Sockets Layer/Transport Layer Security (SSL/TLS) decryption and inspection is performed more easily at the host workload where the session is terminated versus having to decrypt traffic in line using “man-in-the-middle” approaches. This is especially true for inspecting traffic that moves laterally east/west from service to service in microservices-based architectures.
The shift to cloud-native application development using container-based application architectures, microservices-based applications and adoption of serverless PaaS will require new CWPP capabilities both in development and at runtime. Cloud-native apps require solutions designed to address the protection requirements of cloud-based systems. (Market Guide for Cloud Workload Protection Platforms, 8 April 2019, ID: G00356240 Page 4)
There are two distinct markets – for agents who are put on servers and protect them (Cloud Workload Protection Platforms (CWPP)) and the adjacent Cloud Security Posture Management (CSPM) market, which is important for the full implementation of a secure cloud.
In this way, CWPP solutions protect servers from within, while CSPM solutions exercise external control over server machines in the cloud.
Source: Gartner, Market Guide for Cloud Workload Protection Platforms, 8 April 2019
The security code’s vGate product can provide CSPMsecurity: delineation of access to virtual machines, network configuration, storage configuration, access rights management virtual environment administrator. As a result, the solution significantly reduces the risks of IB in large virtualization environments.
Together with the Secret Net Studio product, which protects every single virtual machine and falls into the CWPP solution category, they are a holistic solution for the protection of virtual and physical servers. Secret Net Studio is a comprehensive solution to protect workstations and servers at the level of data, applications, network, operating system and peripheral hardware.
Recall that the basis of the platform for server protection is a set of mechanisms, which we talked about last time: the basis is operational hygiene – a set of basic measures that significantly reduce the risks ofIB. configuration and vulnerability management, network traffic filtering, system integrity control, app start-up control, RAM protection, data encryption in IaaS environment, EDR server activity monitoring, system intrusion detection, false vulnerability detection system, signature antivirus.
“We are grateful to Gartner for including us as a representative vendor for the second year in a row. We believe this indicates a continuing high level of confidence of independent analysts in our products and is especially relevant, given our serious actions to enter the international market,” said Andrei Golov, CEO of Security Code.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Find out more
The Security Code is a Russian developer of software and hardware that protects information systems and meets international and industry standards. nine licenses of fsTEK of Russia, the Fsb of Russia and the Ministry of Defense of the Russian Federation. More than 60 valid certificates issued by these authorities confirm the high quality of products and allow them to be used in information systems with the most stringent security requirements. The company’s products are used to protect confidential information, trade secrets, personal data and information that constitutes state secrets.
There are currently more than 400 qualified professionals in the Security Code, many of whom have unique expertise in the development of IB solutions. More than 900 authorized partners of the company supply its products and provide their quality support in all regions of Russia and CIS countries. More than 32,000 government and commercial organizations trust and use Security Code products to protect workstations, servers, virtual infrastructures, mobile devices, and network interactions across all information components Systems.
vGate is an information protection tool designed to ensure the security of virtual infrastructures based on VMware vSphere and Microsoft Hyper-V platforms, as well as the critical task of bringing virtualization infrastructure into line legislation, industry standards and the world’s best practices.
Secret Net Studio is a comprehensive solution for protecting workstations and servers that protects information simultaneously at the data, application, network, operating system, and peripheral equipment level, and enables you to implement centralized management and monitoring of all security mechanisms with the ability to collect, correlate, filter and prioritize information security events. The product is available in two editions: Secret Net Studio – to protect sensitive information and Secret Net Studio – C – to protect state secrets.