With Wiz adding ”DSPM” or rather data classification, do you see there being much need for DSPM on top of CSPM? I feel like the DLP and Detection and Response are way more important than CSPM checks, but is that just me?
Sort By:
Oldest
CIO in IT Servicesa year ago
There are wonderful vendors available in both the DPSM and CSPM spaces and I worry that Wiz is taking on too many functions for their platform. It's hard to be a unicorn, the pressure must be over the top - but when is it too much?CISO in Softwarea year ago
It is about vendors moving to provide an entire suite of services versus businesses needed to individually deploy and integrate a whole set of independent security products and solutionsChief Information Security Officer in Healthcare and Biotecha year ago
The need for DSPM and CSPM is different. It depends on the organisation's security posture and how they want to manage their digital risk.
CSPM focuses on protecting the cloud infrastructure and its resources, covering only IaaS and PaaS components like virtual private clouds or machines, relational databases, compute instances, lambda functions, and serverless components. From a risk management perspective, CSPM lacks data intelligence to prioritize data assets.
DSPM emphasizes the security posture of data in public clouds. It delves into data, gaining insights into its type, sensitivity, geography, transformation over time, and how it's accessed or utilized. With such extensive data intelligence, DSPM aids teams in improving the configuration security posture. This includes controlling access to prevent unauthorized access and encrypting or masking sensitive data to comply with global data privacy regulations, particularly policies around cross-border data transfers and sensitive data sharing.
Need to really drill down on any marketed solution that says it is a Unified solution DSPM+CSPM and look at the gaps it isn't doing.