Cloud security teams use cloud-native application protection platforms (CNAPPs) to find misconfigurations and vulnerabilities in their multi-cloud environments. While these solutions can discover thousands of potential security issues in large cloud environments, many fail to answer two fundamental cloud security questions: "Where am I most at risk?" and "What issues should I prioritize?"