Techscape for Startups in Cloud and Application Security | MSSP Alert

Guest blog courtesy of Skyhawk Security.

Skyhawk Security recently announced at RSA 2025 an expansion of our AI-Powered Purple Team to secure cloud applications and how they interact with the cloud infrastructure they are hosted on. This new capability identifies weaponized risks in cloud applications, the way these interact with the cloud infrastructure, the blast radius (reachability analysis), potential impact on crown jewels to prioritize risks based on business impact and continuously monitors threats across applications and infrastructure, without agents.

It protects against today’s biggest cloud security issue, one exploited in recent attacks including the MOVEit Transfer breach, the XZ Utils backdoor, a Google Cloud metadata exposure via a web application flaw and Log4j and Log4Shell—thus closing the gap between application security and cloud infrastructure monitoring preemptively, before the attack even starts. These attacks caused massive disruptions and shared a common approach—initially compromising all layers of modern cloud applications, application workload and cloud layers.

In our opinion, this is a very timely announcement as Gartner recently included Skyhawk Security in research that covered this important trend. Key findings included are:

Skyhawk’s platform proactively identifies weaponized risk in your cloud, across all layers of cloud applications (application, host and cloud level) and their interactions. The risks are prioritized based on the business value (In CTEM terms, Scoping and Discovery) of the asset impacted by that weaponized risk. The coverage of application vulnerabilities, infrastructure vulnerabilities, misconfigurations and sensitive data discovery are at the core of the data feeds going into the platforms. This in-depth analysis allows customers to:

Skyhawk’s Purple Team – a unique approach according to Gartner:

“Other unique approaches, such as intelligent simulation through the use of AI assistants to assess security threats and security posture, offer proactive cloud security.”

Skyhawk’s unique approach is a true innovation solving the new risks customers are facing with the rise of AI based attacks.

“Generative AI-driven threats are challenging current cybersecurity strategies, rendering traditional reactive approaches obsolete. Product leaders must adopt preemptive solutions to stay ahead or risk being outpaced in the escalating battle against sophisticated attacks.”[1]

In that context, it is important to note that while eBPF platforms add host/application-level observability, they are still reactive threat detection approaches.

We believe, the key benefits align very well to these Gartner insights:

“Early stage startups are focusing on cloud runtime security with detection and response capabilities. They emphasize integration with SecOps for proactive threat management by automating processes and using advanced tools for continuous monitoring, real-time analytics, anomaly detection, and automated incident response.”

“AI and automation are key to improving security efficiency and addressing resource shortages. Product leaders should invest in AI-driven tools to automate routine tasks, ensuring human oversight and validation metrics.”

Skyhawk Security Platform is an agentless Cloud and Application Threat Detection and Response (CADR, CDR) that revolutionizes cloud security with preemptive, interactive, and application threat detection and response in one platform. It contextualizes the detections with the business value of the cloud assets, so security teams prioritize the most consequential alerts based on risk to their business with an agentless cloud security platform.

Skyhawk’s threat detection and response sorts and correlates through thousands of events to detect malicious activities in real-time to prevent cloud breaches, eliminating alert fatigue by reducing tens of thousands of events to dozens of alerts. The platform’s purple team simulates attacks against a Digital Twin of the cloud environment, from the application to the cloud infrastructure it is interacting with, uncovering weaponized threats and attack paths a threat actor will exploit. These threats are then prioritized by the business value of the at-risk asset. This prepares the cloud defenses and security teams, so when there is an event, they can act fast. Skyhawk Security enables security teams to take a proactive approach to cloud security for the very first time.

Skyhawk Security prepares cloud security teams in a comprehensive way so they can achieve their goal - to prevent cloud breaches, saving the company’s brand and reputation, while protecting employees and customers.

If you don’t know where to start with your preemptive cybersecurity strategy, try Skyhawk Security for free – sign up today!

Gartner subscribers can read the full report at www.gartner.com.

Gartner, Emerging Tech: Techscape for Startups in Cloud and Application Security by Mark Wah, Charanpal Bhogal, Shailendra Upadhyay, Mark Driver Published April 4, 2025

[1] Gartner, Emerging Tech: Build Preemptive Security Solutions to Improve Threat Detection (Part 2) by Luis Castillo Published April 2, 2025

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.