.png)
The security industry loves buzzwords, jargon, and overly complex definitions. Aikido keeps it simple: Every tool fits into ASPM or CSPM, with some overlapping both categories. Here’s how some popular industry terms align with our approach.
CNAPP (Cloud-Native Application Protection Platform)
- Origin: A marketing term that describes security solutions covering both CSPM and ASPM.
- What it does: Integrates cloud security with application security for cloud-native applications.
- Our take: CNAPP is just a combination of CSPM and ASPM—nothing new.
Vulnerability Management Software
- Origin: Traditional security teams use it to track and prioritize vulnerabilities.
- What it does: Provides dashboards for security processes and risk tracking.
- Our take: These tools fall under both ASPM and CSPM depending on their focus.
Software Supply Chain Security
- Origin: Created to address attacks on third-party software components.
- What it does: Protects against code vulnerabilities in dependencies, build pipelines, and deployment infrastructure.
- Our take: This falls under ASPM tools like SCA and SBOM, along with CSPM for cloud components.
RASP (Runtime Application Self-Protection)
- Origin: Designed to protect applications at runtime.
- What it does: Blocks real-time threats inside running applications.
- Our take: RASP overlaps ASPM and CSPM, providing runtime protection for both.
As each software security company keeps inventing new things, this list will keep getting bigger.