Palo Alto Networks, the global cybersecurity leader, today announced Cortex® Cloud™ Application Security Posture Management (ASPM). This is a prevention-first application security module. It intelligently blocks security issues from reaching production. In essence, security leaders and developers can now fix security risks before they deploy cloud and AI applications. This process is faster, more efficient, and more cost-effective.
This release builds on the introduction of Cortex Cloud. This platform combines the company’s cloud native application protection platform (CNAPP) and cloud detection and response (CDR) capabilities.
As AI-generated code compresses application development from months to hours, security must evolve,” said Sarit Tager of Palo Alto Networks. Cortex Cloud delivers the most comprehensive approach to cloud security. It also automatically stops risks before they reach production.
A Prevention-First Approach to Security
The new Cortex Cloud Application Security Posture Management fully integrates and enhances Palo Alto Networks’ existing application security offerings. Key benefits include:
- Prevent Risks, Don’t Chase Them: Proactively stop security issues from reaching production. Use full application and business context to enforce targeted guardrails without slowing down.
- Prioritize Real Issues: Pinpoint critical, exploitable risks without forcing developers to change tools. To do this, correlate findings from an open ecosystem of scanners with complete code, cloud, and runtime context.
- Automate Fixes: Eliminate manual remediation across security and development teams. You can achieve this by using industry-leading automation at every stage.
Unifying Security with an Open Ecosystem
Furthermore, Cortex Cloud ASPM includes an open AppSec partner ecosystem. This enables organizations to consolidate data from third-party code scanners. They can then use one centralized platform for comprehensive visibility. This means security teams can dramatically improve their security posture. Importantly, developers are not forced to change tools.
Key AppSec partners include leading vendors like Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk, and Veracode.
What the Experts are Saying
Industry analysts recognize the need for this shift in strategy.
Application risks reaching production remain a persistent challenge for security teams, said Katie Norton, Research Manager at IDC. By connecting application security with the live threat landscape, Palo Alto Networks’ Cortex Cloud ASPM can help organizations to stop threats faster and operate more efficiently.
Ultimately, as AI adoption offers transformative opportunities, organizations must balance innovation with strong governance.
Cortex Cloud ASPM is currently in early access. Palo Alto Networks expects it to be generally available in the second half of 2025. To learn more, read the company’s official blog post: Introducing Prevention-First ASPM in Cortex Cloud.
