Summary

AI is changing what enterprises need to secure. Cloud-native applications still depend on infrastructure, workloads, identities, configurations, and runtime controls—but AI introduces new layers, including models, prompts, retrieval paths, memory, tools, orchestration logic, and agents that can act on behalf of users and systems.

Dell’Oro Group’s AI and Cloud-native Security Advanced Research Report track this evolving security landscape, helping vendors, investors, and strategy teams understand market evolution, spending shifts, and vendor positioning.

The report covers two distinct but increasingly adjacent technology segments:

• • Cloud-native Application Protection Platform (CNAPP): platforms that secure cloud infrastructure, Cloud-native workloads, identities, permissions, configurations, posture, exposure paths, and runtime environments across the application lifecycle.
  • AI Systems Security (AISS): solutions that secure AI applications, models, agents, prompts, retrieval paths, memory, tool use, orchestration logic, and AI-specific runtime behavior.

These segments are tracked separately within a unified framework to preserve clarity in market sizing and vendor positioning, particularly as vendors participate in both markets through different products and capabilities.

The report also links security demand to broader adoption drivers, including enterprise public cloud and AI system spending, enabling analysis of both market performance and long-term growth drivers.

Formerly the Cloud Workload Security Advanced Research Report, this research has been expanded to reflect the next phase of cloud and AI security investment while maintaining continuity for CNAPP tracking.

The cloud security market is entering a new phase. CNAPP has become the platform category for securing Cloud-native applications across development, deployment, and runtime. At the same time, AI is creating a new security market focused on protecting AI applications, models, and agents.

This matters because AI systems do more than run on cloud infrastructure. They retrieve enterprise data, call tools, connect to business applications, use memory, and make decisions through probabilistic logic. That creates new risks – prompt injection, unsafe retrieval, model misuse, insecure tool calls, agent overreach, data leakage, and runtime behavior that traditional cloud security controls were not designed to handle by themselves.

The result is a market that is both familiar and new: CNAPP remains essential for securing the Cloud-native foundation, while AI Systems Security is emerging to secure the AI system itself.

To take advantage of the opportunities in this market, vendors and financial institutions need to answer critical business questions, including:

• • How large is the AI and Cloud-native Security market today, and how fast will it grow over the next five years?
  • How much revenue is attributable to CNAPP, and how much is attributable to AI Systems Security?
  • How are development, deployment, runtime, and AI runtime/control spending patterns changing?
  • Which vendors are gaining or losing share in CNAPP, and why?
  • How are hyperscalers, portfolio security vendors, and pure-play specialists positioned?
  • How does the rise of AI applications, models, and agents create new security buying requirements?
  • How is AI Systems Security different from broader AI Security and Governance?
  • What role do public cloud revenue, enterprise AI systems spend, and risk-weighted AI systems spend play as market anchors?
  • Which regions are expected to grow fastest, and where do cloud maturity, regulation, AI adoption, and local vendor ecosystems matter most?
  • What are the accelerators and inhibitors shaping growth in CNAPP and AI Systems Security?
  • How should vendors and investors think about market consolidation, M&A, and the shift from point tools to platforms?

Report Coverages

The report includes quantitative forecasts, vendor analysis, product mapping, and market context designed to evaluate opportunities across CNAPP and AI Systems Security, including:

• • Market size and growth trends.
  • CNAPP vendor share, including which vendors are gaining or losing share and why.
  • Development, deployment, and runtime spending trends in CNAPP.
  • Development, deployment, and runtime/control spending trends in AISS.
  • Roles of hyperscalers, portfolio security vendors, and pure-play specialists.
  • Relationship between public cloud revenue, enterprise AI systems, and security spending.
  • Regional revenue trends across North America, EMEA, Asia Pacific excluding China, China, and CALA.
  • Vendor strategies, product positioning, product maps, and M&A activity.
  • The distinction between AI Systems Security and the broader AI Security and Governance opportunity.

Pair this report with Dell’Oro Group’s Network Security, SASE and SD-WAN, and Distributed Cloud Networking research to understand how AI, cloud, and network security controls are converging across the enterprise architecture.

Press Release