Request for Comments on CWP Methodology 

AUSTIN, Texas – August 1, 2019 – NSS Labs, Inc., a global leader and trusted source for independent, third-party cybersecurity product testing, today announced that it is developing a Cloud Workload Protection Group Test (CWP) with results to be released in 2020.

Gartner, Inc. defines cloud workload protection platforms as workload-centric security offerings that target the unique protection requirements of server workloads in modern hybrid, multicloud data center architectures. CWP platforms should provide consistent visibility and control for physical machines, virtual machines, containers, and serverless workloads, regardless of location. The market for CWP includes more than 40 representative vendors[1]. For a CWP product to be considered, it must be capable of detecting threats that target cloud workloads and take preventative action against them. Enterprises and vendors are encouraged to provide feedback on the CWP Test Methodology.

Cloud security is a critical component of any cloud migration strategy and must be implemented effectively in order to protect customers’ applications and data. NSS Labs believes it will take longer than five years for enterprises to transition to cloud-native applications. In the meantime, enterprises are adopting hybrid cloud architectures as a way to leverage existing on-premises resources alongside public Infrastructure as a Service (IaaS) offerings.

Hybrid cloud architectures offer security teams the time to explore business impact and properly assess risk. CWP products protect private, public, and hybrid cloud-resident workloads from common threat scenarios, limiting the opportunity for an attacker to gain a foothold and cause further harm. A CWP product is expected to provide visibility and protection, since both capabilities are required to understand the nature of a threat and effectively protect against damage or mitigate outcomes.

“NSS Labs’ assessment of the cloud workload protection market has made it clear that enterprises have a high level of interest in CWP products,” said Jason Brvenik, Chief Executive Officer at NSS Labs. “We look forward to receiving feedback from both enterprises and security vendors.”

NSS Labs is committed to providing empirical data and objective group test results that help organizations make educated decisions about purchasing and optimizing security products and services. We believe if a product is good enough to sell, it is good enough to test. If you do not see a product you are interested in, ask the vendor where its results are and encourage participation.

As with all NSS Labs group tests, there is no fee for participation, and the test methodology is available in the public domain to provide transparency and to help enterprises understand the factors behind test results.

1. Gartner, Inc. “Market Guide for Cloud Workload Protection Platforms,” by Neil MacDonald, April 8, 2019