10 Hot New Cloud And Code Security Tools In 2024

Evolving threats to cloud, code and AI systems are driving the introduction of new tools from major security industry vendors.

Cloud And Code Security Tools To Know

With threats targeting cloud environments and AI-based applications continuing to surge, demand for cloud and code security tools leveraging the latest advancements in detection and prevention is likely to continue unabated. Analysts at research firm Gartner recently forecast that spending on security software will grow 14.2 percent in 2025, year-over-year, to reach $100.69 billion. Notably, the increased spending is expected to be driven in part by GenAI-enabled attacks, Gartner predicted.

An executive at cybersecurity powerhouse Optiv told CRN that it’s not surprising to see that major growth for cybersecurity spending is being forecast for 2025. “I believe this second half [of 2024] will be strong, and I think next year will be even stronger,” said Scott Goree, senior vice president for partners, alliances and ecosystems at Denver-based Optiv, No. 25 on CRN’s Solution Provider 500 for 2024.

When it comes to cyberthreats that are weighing on customers, Goree pointed to the expansion of emerging threat vectors such as attacks powered by GenAI as a growing focus.

Adoption of a CNAPP, or cloud-native application protection platform, remains a growing priority for many organizations, meanwhile. CNAPP combines capabilities for cloud and code security into a unified platform — improving cloud threat prioritization and making it easier for security teams to manage the tools, according to Gartner, which coined the term. Core CNAPP capabilities include a variety of tools: Cloud security posture management (CSPM), cloud workload protection (CWP), cloud infrastructure entitlements management (CIEM) and more.

CNAPP is critical in part because when it comes to protecting the cloud and applications, it’s become clear that tools for improving cloud visibility through spotting misconfigurations are not capable of fully protecting an organization, experts have told CRN.

As part of CRN’s Cybersecurity Week 2024, we’ve collected details on 10 recently introduced cloud and code security products that’ve been on our radar, including from vendors such as Palo Alto Networks, Wiz, SentinelOne and CrowdStrike.

What follows are 10 hot new cloud and code security tools to know in 2024.

Aqua: LLM-Based App Security

Aqua Security in May debuted the latest enhancement to its “code to cloud” security offering with the launch of protection for LLM-based applications. The new capabilities will enable organizations to secure LLM-based apps both in terms of development and operation, the company said. Key functionality includes code integrity through deployment of scanning technology as well as real-time monitoring for LLM-based workloads and GenAI assurance policies to provide guardrails against risky usage of LLMs, according to Aqua.

CrowdStrike: Falcon Cloud Security AI-SPM

In September, CrowdStrike announced major updates to its Falcon Cloud Security offering including the introduction of AI security posture management (AI-SPM). The cybersecurity giant said the new tool will monitor for security issues involving AI services and LLMs running in the cloud — providing detection of misconfigurations, identification of vulnerabilities and remediation capabilities. Additionally, CrowdStrike unveiled its data security posture management (DSPM) offering for Falcon Cloud Security, leveraging the company’s acquisition this year of Flow Security.

Microsoft: Defender for Cloud Updates

During its Build 2024 conference in May, Microsoft announced it has upgraded Defender for Cloud to offer enhanced protection of AI apps. The product features AI security posture management capabilities for finding AI services, AI tools and vulnerabilities, the company said. Defender for Cloud has a native integration with Azure AI Content Safety so teams can monitor Azure OpenAl apps for direct and indirect prompt injection attacks, sensitive data leaks and other threats, according to Microsoft.

Netskope: GenAI-Powered SaaS Security

Netskope disclosed new updates to its CASB (cloud access security broker) offering that brings greater GenAI capabilities to protecting SaaS usage. With the addition of generative AI to its CASB offering on the Netskope One platform, the vendor said it is the “first” security service edge (SSE) provider to combine CASB with GenAI. The functionality includes the incorporation of a GenAI-powered engine into Netskope’s SaaS security risk categorization, which enables the offering to extract app context and then correlate that information with more than 50 SaaS app attributes, the company said.

Orca Security: Cloud Threat Detection and Response

Orca Security announced that it has expanded its capabilities for Cloud Detection and Response, including with the introduction of an enhanced user experience featuring an “event-driven” security dashboard. Orca also unveiled cloud-agnostic classification that classifies security events using “cloud-agnostic” terminology, in order to provide a common language to security teams spanning their CDR workflows, the company said. Additionally, Orca said that a unified event data stream and event-driven alerts are now available.

Palo Alto Networks: Cortex XSIAM for Cloud

Palo Alto Networks unveiled a product offering aimed at delivering new cloud security functionality through its XSIAM (extended security intelligence and automation management) security operations platform. The offering, Cortex XSIAM for Cloud, includes a new Cloud Command Center that provides comprehensive visibility around cloud assets, according to the cybersecurity giant. Meanwhile, the inclusion of a new cloud security agent as part of XSIAM for Cloud enables key capabilities such as cloud detection and response (CDR), the company said. Additionally, along with bringing together multiple cloud security tools, XSIAM For Cloud is also bringing cloud security data into one centralized data lake, the company said.

SentinelOne: Singularity Cloud Native Security

In May, SentinelOne announced the launch of its Singularity Cloud Native Security platform, which the company said combines both agent-based and agentless CNAPP capabilities to protect against cloud threats. Key functionality includes an “Offensive Security Engine” that provides simulation of attacker tactics that can enable detection and remediation of exploitable cloud assets, according to the company. The platform is built upon SentinelOne’s acquisition earlier this year of application protection specialist PingSafe.

Snyk: AppRisk Pro

Building on the debut last year of Snyk’s application security posture management (ASPM) offering, AppRisk, the developer security platform vendor announced the launch of an AppRisk Pro version. The offering includes key capabilities such as being able to trace back insecure portions of apps to specific components in the code that need to be fixed, the company said. Other major capabilities include the combination of “a unique level of prioritization” through developer-focused tools for vulnerability remediation and prevention, according to Snyk.

Tenable: Vulnerability Intelligence and Exposure Response

Tenable announced that it’s now offering additional “context-driven” features for prioritization and response — including in its Tenable Cloud Security platform — dubbed Vulnerability Intelligence and Exposure Response. The features represent an advancement through providing contextualization of vulnerability data, according to the company. This includes context from both internal and external sources, “enabling organizations to close the exposures that pose the greatest risks to their businesses,” Tenable said in a news release.

Wiz Code

In September, fast-growing cloud and AI security vendor Wiz unveiled its new offering for tracing security risks back to application code. The offering, Wiz Code, correlates potential attack paths and other cloud-related risks with the specific source code (and its developer), according to the company. Wiz Code also enables remediation for the discovered issues “directly within the code,” Wiz co-founder Yinon Costica wrote in a blog post. The ultimate result is an expedited process for addressing cloud- and code-related risks that is also more effective and done “right at the source,” Costica wrote.