A new IDC InfoBrief sponsored by Microsoft, titled “The Rise of Cloud-Native Application Protection Platforms,” has documented a significant evolution in how organizations approach cloud security. The research indicates a clear and decisive move away from fragmented, single-point security solutions toward integrated platforms.

The study surveyed IT and security leaders globally, revealing that the complexity of managing multiple security tools in multicloud environments has become a primary driver for this strategic change. Organizations are now prioritizing solutions that provide a unified view of security posture across their entire cloud estate.

Key Findings on Security Tool Consolidation

According to the IDC research, 78 percent of surveyed organizations are actively planning to consolidate their security vendors. This move is a direct response to challenges created by using dozens of disconnected security products. The InfoBrief found that the average organization uses more than 10 different security tools to protect their cloud resources, which creates visibility gaps and operational inefficiencies.

Furthermore, the report highlights that 65 percent of respondents experienced a cloud data breach in the past year, with many attributing the incident to misconfigurations or vulnerabilities that siloed tools failed to detect in time. The data shows a direct correlation between the number of security tools used and the likelihood of a breach.

The Emergence of CNAPP as the Standard

The research identifies Cloud-Native Application Protection Platforms (CNAPP) as the primary solution organizations are adopting to address these challenges. A CNAPP integrates multiple capabilities, including Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWP), into a single platform.

The IDC InfoBrief reports that organizations adopting a CNAPP strategy have seen a 45 percent reduction in security alerts on average, due to better context and prioritization. The research also points to the value of agentless capabilities within these platforms, which provide broad visibility into cloud workloads and configurations without impacting performance.

Source: https://www.microsoft.com/en-us/security/blog/2025/11/06/new-idc-research-highlights-a-major-cloud-security-shift/