General
   
min read

Bridging the Runtime Gap: Insights from Frost & Sullivan’s 2025 Cloud / Application Runtime Security Report

Noah Simon
Noah Simon
,
,
July 21, 2025
Copied to Clipboard
oligo.security/blog/frost-sullivan-2025-cloud-application-runtime-security-report

Overview

   

Most organizations today run on cloud-native infrastructure: containers, Kubernetes, serverless, and multi-cloud architectures. These environments change constantly, which is great for delivering applications efficiently, but it makes security more complex and challenging.

Today’s static scanners and posture management tools struggle to keep pace with dynamic environments. They don’t see what’s actually happening when applications and workloads are live. That’s where many teams now have their biggest gap: runtime.

A new report from Frost & Sullivan, Frost Radar™: Cloud/Application Runtime Security, 2025, takes a close look at this problem. It explains why detection and response at runtime is becoming critical, and which vendors are leading the charge. In this report from Ahn Tien Vu, Oligo is recognized as a leader in Application Detection & Response (ADR).

Why runtime security is now a priority

Frost & Sullivan’s analysis is clear: cloud-native infrastructure has outpaced many traditional security approaches. A few reasons stand out:

  • Short-lived workloads: Containers and serverless spin up and down quickly. Periodic scans and static checks can’t keep up.

  • New attack paths: Attackers take advantage of cloud-specific issues like IAM missteps, exposed APIs, and lateral movement inside Kubernetes.

  • Too much noise: Static scanning and posture tools often flood teams with alerts that lack real-world context. Many never turn into actual exploits, but still drain hours from SecOps and Engineering teams.

How the market is shifting

These challenges are pushing the market toward new categories like Cloud Detection & Response (CDR) and Application Detection & Response (ADR).

Some vendors are folding runtime features into existing CNAPP or XDR platforms. Others focus exclusively on runtime, building a unified system that correlates across applications, workloads, and cloud infrastructure.

What’s driving all of this is simple: without runtime visibility, teams often miss key parts of the attack chain. A tool that only scans infrastructure misses today’s most common intrusion vectors: application layer exploits. Tools that provide real-time visibility into infrastructure are often limited to post-intrusion detections, putting SOC teams on their heels when it comes to incident response.

Why Frost & Sullivan highlighted Oligo

In this new report, Frost & Sullivan called out Oligo as a leader in ADR. They pointed to several reasons:

  • Determines real exploitability: Instead of just flagging that a function is reachable, Oligo actually monitors whether a vulnerable function loads and runs. That cuts down on noise and helps teams focus on what truly matters.
  • Stops attacks in real time: Oligo can block exploits — including zero-days and attacks on transitive dependencies — inside running applications.
  • Covers what developers actually use: Java, .NET, Python, Node, Ruby, plus third-party libraries.
  • Fits with existing workflows: Very low overhead (under 1%) and integrates with SIEM, SOAR, Jira, and DevOps pipelines, so teams can plug it into what they already use.

The report also noted that Oligo grew 200% last year and is now the largest ADR vendor by revenue, reflecting growing demand from companies that want better runtime protection.

Oligo recognized as the leading ADR vendor from Frost & Sullivan

What this means for security teams

For CISOs and security architects, this isn’t about replacing existing tools. It’s about closing a crucial visibility gap.

  • Less chasing dead ends: By focusing on vulnerabilities that actually execute in production, teams cut down time spent triaging alerts that never turn into real risk.

  • Faster response: Seeing attacks in real time helps SOC teams investigate and contain issues before they spread.

  • Stronger incident handling: Integrated alerts and context feed into existing workflows, so teams can respond without rebuilding processes from scratch.

Download the full report

Frost & Sullivan’s Frost Radar™: Cloud/Application Runtime Security, 2025 breaks down how the market is evolving, why runtime detection is gaining traction, and how vendors stack up.

It’s a helpful guide for security leaders deciding where to invest next and how to balance prevention, posture management, and runtime detection.

Download the Report

expert tips

Noah Simon
Noah Simon
Head of Product Marketing

Noah Simon is Head of Product Marketing at Oligo. Noah has spent over a decade as a product marketer for cybersecurity companies, including Axonius, Dazz, and BitSight. He is passionate about cybersecurity, and always seeking to understand how new technologies can help companies and individuals protect themselves from the continually evolving cyber risk landscape.

Related Posts

All
General

Securing the Future of AI: Oligo Named an AI Security Innovator in Latio’s 2025 Market Report

,
,
June 13, 2025
All
General

Oligo Wins SC Award for Best Supply Chain Security Solution

Nadav Czerninski
,
,
September 17, 2024
All
General

Oligo Named Finalist by SC Awards for Best Supply Chain Solution of 2024

Nadav Czerninski
,
,
September 3, 2024

Subscribe and get the latest security updates

Built to Defend Modern & Legacy apps

Oligo deploys in minutes for modern cloud apps built on K8s or older apps hosted on-prem.

Book a Demo