Cloud Security is at a Breaking Point


Cloud breaches rose 35% year over year in 2024, and legacy security tools are failing to keep up. The rapid sprawl of multi-cloud and SaaS has shattered the assumptions baked into legacy, on-prem, and endpoint-focused security stacks, which can’t keep pace with today’s dynamic attack surfaces.

Threat actors – armed with GenAI – are automating reconnaissance and launching highly customized attacks at scale. Security operations teams (SOCs) are drowning in unactionable alerts, visibility is fractured across cloud environments, and identity-based compromise has become the new norm. SOC teams are burning out, coverage is slipping, and the standard prevention-based approach is failing.

Perhaps this is why Frost & Sullivan leaned in and outlined a new paradigm for security with their 2025 Frost Radar on Cloud and Application Runtime Security. Mitiga is proud to be recognized as a leading player in the 2025 report, as it underscores our commitment to providing the most complete solutions to stay ahead of – and recover from – modern cloud threats.

Without a radical shift toward AI-driven, real-time cloud detection and response that spans cloud, SaaS, and identity, organizations will be outmaneuvered and unprepared when the inevitable breach knocks on the door. In fact, in 2025, this capability just became non-negotiable for the modern SOC.


Why This Report Matters


The Frost & Sullivan 2025 Frost Radar report focuses on two critical areas:

  • Cloud/Application Runtime Security (CARS): Security measures and practices implemented to protect cloud-based applications and workloads during their execution, often encompassing prevention, detection, and response capabilities.
  • Cloud-Native Application Detection and Response (CNADR): Specialized tools and processes designed to detect threats and facilitate swift responses within dynamic cloud-native environments. This includes securing various cloud components like containers, serverless functions, and microservices.

Mitiga fits directly into these frameworks by offering a comprehensive platform built from the ground up for cloud-native security. Our solutions are designed to address the “white space” that traditional, prevention-based cloud security tools often overlook. We do this by providing deep visibility, detection, and response capabilities across cloud infrastructure, SaaS applications, and cloud identities – empowering organizations to achieve more cloud resilience by being threat-ready and able to quickly respond to cloud breaches.

The Frost & Sullivan report highlights that Mitiga is “transforming cloud detection and response with their agentless approach, focusing on real-time events to help SecOps teams identify, investigate, and respond to cloud-native threats.” This reflects Mitiga's dedication to equipping security teams with the tools necessary to address the challenges outlined in the Frost Radar report’s scope. And – since the majority of breaches begin with cloud infrastructure, SaaS, or identities – our agentless approach is designed to provide seamless CNADR functionality by integrating with agent-based ADR solutions to extend our panoramic view, including visibility into suspicious workload activity.


What Sets Mitiga Apart


Mitiga's Cloud Detection and Response approach centers on several key areas that address significant risks for organizations:

Full-spectrum visibility – We tackle the inability to detect lateral movement across SaaS, Identity, and Cloud environments. Traditional tools often miss these subtle but dangerous shifts. Mitiga turns fragmented cloud and SaaS data into a single source of truth—fusing signals from our Cloud Security Data Lake and cloud-native sources into a unified, real-time TDIR command center. This allows for panoramic visibility, detection, and response across your entire cloud environment. For example, our system can detect anomalous login times or unusual outbound connections to suspicious IP addresses, providing earlier detection of subtle attack signals.

Faster response with automation – We streamline manual processes and attack paths that can take hours or days for SecOps teams to piece together. Manual correlation and triaging wastes valuable time when every second counts. Our platform automatically correlates Cloud, SaaS, and Identity threat signals into a unified attack timeline, leveraging our proprietary detection logic that’s built for the cloud. This kind of real-time runtime attack mapping ensures that every suspicious event is triaged with complete context and confidence scoring, empowering SOC teams with nothing but actionable insight. This saves time and enables the fastest Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)—improving response speed by 90% compared to legacy tools and processes.

Cost-effective readiness – The scale of cloud-generated data is overwhelming traditional SIEMs, making storage financially and operationally unsustainable. Mitiga addresses this by storing 1,000 days of Cloud and SaaS log history, with no limits on the amount of data you can collect. This ensures that forensic data is always available for investigations, without the unpredictable storage costs. This means you can consider long-term trend analysis or examine events that occurred earlier in the year without worrying about data retention limits.

Expert-backed coverage – We help bridge the shortage of SaaS and Cloud expertise. Our easy-to-deploy platform and expert team extend your SOC capabilities, while our on-demand incident response and managed cloud detection & response (M-CDR) support ensure your team is never alone when facing modern threats.

Being recognized by Frost & Sullivan in their 2025 Frost Radar on Cloud and Application Runtime Security reinforces our commitment to helping organizations protect their cloud environments when prevention fails. We believe this report strongly validates that Cloud Detection and Response capability is indeed non-negotiable for the modern SOC.

Last updated: June 13, 2025
