Cloud Workload Protection Platform (CWPP), as defined by Gartner, is a “workload-centric security solution that targets the unique protection requirements” of workloads in modern enterprise environments.
Workloads in modern environments have evolved to include physical servers, virtual machines (VMs), containers, and serverless workloads.
Figure 1: Security Evolution Across Workloads
These workloads, which provide the underlying computing, transport (network), and storage of the data that deliver application functionality, have evolved. As illustrated in Figure 1, they are shrinking, with each one focused on a smaller, more specific task that contributes to the overall application.
These workloads often reside on-premise, in colocation-type environments like third-party datacenters, or in the public cloud.
Finally, depending on its type and the application it supports, a workload may be persistent or non-persistent. While a server is expected to be in place and functioning for years, VMs may be spun up on a monthly or weekly basis and containers may only be used one time and discarded.
Applying protection to ever-shrinking workloads that may be on-premise or in the cloud, and may or may not persist in the environment, means that the very nature of the techniques and solutions used to secure them has to change.
As a result, CWPP has evolved to be distinct from Endpoint Protection Platforms (EPP). It is specifically focused on the protection of workloads regardless of type or location. A well-architected CWPP solution will also work seamlessly with a Cloud Security Posture Management (CSPM) solution.