Survey shows enterprises struggle with firewall integration, zero trust implementation, and cost management as the line between trusted and untrusted environments blurs  

Santa Clara, Calif. – July 8, 2025 – Aviatrix® today introduced Cloud Native Security Fabric (CNSF), a groundbreaking new security category designed to address the fundamental security gaps in modern cloud environments revealed in its latest research report, "The State of Cloud Network Security: 2025."

Redefining Cloud Security for the Modern Enterprise

As enterprises rapidly embrace multicloud environments, containerization, and AI technologies, traditional security models are failing to protect the vast and increasingly complex attack surfaces. Rather than bolting on security at the perimeter, CNSF addresses this crisis by embedding security directly into the cloud fabric itself. 

"The speed and scale at which organizations operate in the cloud, coupled with the siloed nature of security tools to date, makes basic network security hygiene — to say nothing of zero trust — difficult to maintain," said John Grady, Principal Analyst at Enterprise Strategy Group. "Cloud Native Security Fabric seeks to solve this by embedding enforcement directly into the cloud fabric rather than bolting it on, helping to apply zero trust policies more effectively to the interconnected web of cloud workloads that define modern enterprise."

Challenges Fuelling the Demand for a Cloud Native Security Fabric

While existing tools approach security from the outside in, CNSF flips this approach on its head—working from the inside out to embed enforcement directly within the cloud fabric, between cloud workloads.  

“The original concept of zero trust centered on human identity, but in today’s cloud native environments, identity must also encompass ephemeral, non-human entities like microservices, containers, and workloads,” said Jason Bloomberg, managing partner of analyst firm Intellyx. “In such dynamic systems, traditional perimeter-based and IP-centric models break down. To address this problem, a Cloud Native Security Fabric embeds identity-aware controls into the infrastructure to implement zero trust across the entire cloud estate.” 

This is a game changer for enterprises grappling with challenges that legacy tools cannot solve:  

  • The AI & Application Velocity Crisis: Organizations face a threefold security challenge as they rapidly modernize their technology stack. The rapid adoption of agentic AI is leading to employee-driven "Shadow AI" deployments that create unauthorized data pathways and bypass traditional security controls. Meanwhile, widespread adoption of Kubernetes introduces security blind spots in containerized environments that traditional tools can't protect. Infrastructure as Code (IaC) further widens the gap between deployment velocity and security governance, as automated processes outpace security teams' ability to review and secure configurations. 

  • The Architectural & Complexity Crisis: Multicloud adoption has forced security teams to navigate incompatible security rules and models across public and private clouds, creating significant operational complexity and risk from encrypted channels that bypass traditional controls. Zero trust principles remain unattainable as organizations lack effective ways to govern dynamic workload interactions across distributed environments, leaving critical blind spots where security policies aren't consistently enforced at cross-cloud communication points. Meanwhile, the expansion of edge computing multiplies security challenges by creating countless mini-perimeters with inconsistent environments, limited visibility, and insufficient resources for comprehensive local security controls. 

  • The Data Protection & Compliance Crisis: With more than half of organizations experiencing lateral movement attacks in the past year, attackers are increasingly exploiting unmonitored east-west traffic between cloud workloads to move undetected through systems and exfiltrate sensitive data by leveraging implicit trust between services. The dynamic, fragmented nature of multicloud environments creates an ever-shifting landscape that traditional auditing tools cannot effectively track, making it nearly impossible to demonstrate comprehensive policy enforcement or achieve consistent compliance across distributed data silos.

"The idea of a secure perimeter, dating back to the data center era, has completely dissolved, yet somehow our implicit trust of 'east-west' traffic remains. This is a dangerous anachronism in the cloud," said Doug Merritt, Chief Executive Officer at Aviatrix. "Today's research confirms what we've been seeing: the space between every workload has become the largest unguarded attack surface in enterprise history." 

Research Validates the Need for a New Approach

Aviatrix’s newly released survey of 403 U.S. IT professionals from large organizations reveals alarming security gaps that directly support the need for CNSF: 

  • Integration Challenges: Two-thirds of organizations (67%) struggle with effective cloud firewall integration into their broader security stack, creating dangerous gaps that attackers can exploit as workloads communicate across cloud environments. 

  • Zero Trust Remains Elusive: Only 8% of U.S. organizations implement zero trust for securing inter-cloud traffic, and only 29% leverage zero trust API security models, demonstrating how the strategic goal of zero trust has yet to become an enforceable reality. 

  • Visibility Blind Spots: More than half of organizations identified network traffic visibility as requiring significant improvement, with most relying only on basic native cloud monitoring tools. 

  • Cloud Firewall Budget Crisis: One in three organizations experienced more than $100,000 in unexpected firewall costs in the past year, adding financial pressure to already strapped teams. 

  • East-West Traffic Vulnerabilities: More than half of respondents struggle to manage east-west traffic for cloud-native applications, highlighting the critical need for security embedded within the cloud fabric itself. 

  • DevOps Security Gaps: An overwhelming 85% of respondents reported challenges securing DevOps pipelines, underscoring the need for security that can move at the speed of innovation. 

The Cloud Native Security Fabric: Security Inside the Cloud

Unlike traditional security approaches, CNSF delivers: 

  • Embedded, Not Bolted-On Security: CNSF embeds policies directly inside the infrastructure rather than layering them on top. 

  • Dynamic and Distributed Controls: Security segmentation that moves with workloads in real-time. 

  • Frictionless, Policy-Driven Enforcement: A real-time enforcement layer that inspects, segments, and secures communication between every cloud workload. 

  • Identity-Aware Controls: Operating in-line with encryption and segmentation capabilities. 

"Securing the cloud isn't just about protecting the edges, it's about protecting the fabric that's inside—the space between every cloud workload," said Merritt. "CNSF works with the security stack to turn zero trust from a strategic goal into an enforceable reality, enabling enterprises to innovate at cloud speed without sacrificing control." 

The CNSF Ecosystem 

Aviatrix is building a Cloud Native Security Fabric as both a platform and an ecosystem. CNSF doesn't replace existing security tools. Instead, it activates and extends them by embedding enforcement directly into the cloud fabric—making security investments more powerful where they currently can't reach. It serves as the essential connective tissue that translates security insights into immediate action, allowing tools like Wiz, for example, to convert posture findings into runtime enforcement. By embedding enforcement directly into the cloud fabric, Aviatrix turns insights into action, becoming the common thread that makes existing security investments more powerful. 

“With the sophistication of cyberthreats enterprises face today, we simply cannot afford to work in security silos anymore,” said Merritt. “We’re facing unified threats that require a unified response to overpower them. CNSF brings that foundation—that idea of a ‘blanketed’ approach to cybersecurity—to reality.” 

Aviatrix CEO Doug Merritt and Enterprise Strategy Group Principal Analyst John Grady will join forces on July 31 to discuss how CNSF enables enterprises to close their most dangerous security blind spots. Save your seat at https://pages.aviatrix.com/webinar-cloud-native-security-fabric.html. Security veteran Tom Pageler will also join Aviatrix for a webinar on August 5 to discuss key findings of the report. Register at https://pages.aviatrix.com/webinar-industry-survey-cloud-network-security.html.  

For a complete copy of "The State of Cloud Network Security: 2025," visit https://pages.aviatrix.com/report-industry-survey-2025.html. Learn more about Aviatrix Cloud Native Security Fabric at aviatrix.com.

About Aviatrix

Aviatrix® is the cloud network security company trusted by more than 500 of the world’s leading enterprises. As cloud infrastructures become more complex and costly, the Aviatrix Cloud Network Security platform gives companies back the power, control, security, and simplicity they need to modernize their cloud strategies. Aviatrix is the only secure networking solution built specifically for the cloud that ensures companies are ready for AI and what’s next. Combined with the Aviatrix Certified Engineer (ACE) Program, the industry’s leading secure multicloud networking certification, Aviatrix unites cloud, networking, and security teams and unlocks greater potential across any cloud.