Frost & Sullivan said cloud security is shifting its focus from simply gaining visibility to reducing risk in a context-based way, in its 2026 Frost Radar report on cloud-native application protection platforms (CNAPP).

The report said security teams are being flooded with signals as multicloud, Kubernetes, APIs and AI workloads spread, making it a key task to judge which combinations of vulnerabilities, identities and data exposure pose the greatest risk rather than identifying risks individually.

It assessed that CNAPP is evolving from a suite of posture management and workload protection tools into an integrated platform that links signals across code, cloud, runtime and security operations centre workflows to continuously prioritise risk.

The report said 5 elements are central to next-generation CNAPP platforms. They include building an integrated platform instead of point solutions, integration across code, cloud and SOC, prioritising risk based on exploitability rather than severity, linking identity, data and application context, and expanding coverage to AI workloads.

The report recommended that security leaders check whether platforms can link identity, endpoint, data, cloud and runtime signals, cover the full code-to-cloud lifecycle, and prioritise risk based on exploitability rather than severity.