It feels like IT and security pros are tasked with the impossible job of operating business-critical applications in Infrastructure as a Service (IaaS) environments in the dark with no ability to monitor and protect them in runtime. You see hype everywhere talking about using vulnerability and configuration scans to protect cloud-native apps and data. DevOps (development and operations) and DevSecOps (development, security and operations) experts are expected to predict what might happen in their IaaS environments pre-runtime and then to operate on daily post-mortem lists of vulnerabilities and risky configurations. Lists that have no resource context and deliver no live monitoring or control over what’s actually happening in their environment.