Palo Alto Networks Unveils Cortex Cloud ASPM: Revolutionizing AI and Cloud Application Security

Palo Alto Networks announces Cortex Cloud Application Security Posture Management - SiliconANGLE

Palo Alto Networks announces Cortex Cloud Application Security Posture Management Palo Alto Networks Inc. kicked off the annual Black Hat USA security conference in Las Vegas this week with today's announcement of its Cortex Cloud Application Security Posture Management solution. The ASPM offering is designed to fix security issues before cloud and AI applications have been deployed. The traditional method of securing apps is a highly fragmented set of manual processes. Instead of a single, unified platform, developers rely on a collection of point products and manual processes that are disconnected from each other. This method is often characterized as "tool sprawl" and has no single source of truth. Cortex Cloud ASPM operates on the concept of moving security to the earliest stages of development, also known as shifting left. Instead of waiting until an application is deployed to find vulnerabilities, the platform integrates directly into the developer's workflow and continuous integration and continuous delivery or CI/CD pipelines. This allows it to scan code for misconfigurations, compliance violations and other vulnerabilities in the source code, open-source libraries and infrastructure as code templates as well as identify hardcoded API keys and passwords in the code. This release extends Cortex Cloud -- introduced earlier this year -- which combined the company's cloud-native application protection platform, or CNAPP, and its cloud detection and response, or CDR, technologies to deliver real-time security. Palo Alto has been the most active security vendor in evangelizing the value of a security platforms and this is another example of the value of bringing a set of tools together. In a prebriefing for industry analysts, Cameron Hyde, product marketing manager for application security, said that as Palo Alto moves from Prisma Cloud to Cortex Cloud, the company wants to more tightly align three pillars -- data integration, AI-driven intelligence and automation -- as it extends these capabilities to the SOC for tight synergies on the underlying data. One of the discussion points on the call was the impact of AI on coding. While it is certainly true that organizations can write code at a pace never seen before, it's also true that the accelerated use of AI can push insecure code into production at an equally unprecedented rate. As this happens, traditional application security approaches struggle to prevent risks, only alerting security teams after they've already slipped into production. Palo Alto says Cortex Cloud ASPM fully integrates with and enhances the application security offerings already available in Cortex Cloud to deliver benefits including: "When we talk with customers about prevention, they mostly say they cannot really prevent," Cortex team leader Sarit Cohen said in the analyst briefing. "They say, 'It's too much, the developers will suffer.' And we point out that without prevention, it may cost more when you go to production, since you'll need to figure out who actually wrote the code and how to go back and rebuild it. All of that is really expensive in terms of developer time." Cortex Cloud features an open AppSec partner ecosystem to enable customer organizations to consolidate data from third-party code scanners into a centralized platform for comprehensive visibility. The goal is to combine native ASPM data with third-party vendor insights to provide organizations with a stronger security posture that doesn't require them to change tools. Palo Alto's AppSec partners include Checkmarx, Snyk and Veracode. The integration with third parties has been a core component of Palo Alto's platform strategy for the past several years. No security vendor can do everything and by partnering, Palo Alto can fill in the gaps in its platform. Cortex Cloud ASPM early access is underwa, with general availability expected to be in October. AI is having a massive impact on coding and companies of all sizes are now using the technology to spin up thousands of lines of code daily versus the few hundred that could be accomplished with people. Along with this, organizations need to rethink how the code is secured through AI enabled automated systems.

Palo Alto Networks Launches Industry-Leading ASPM for AI and Cloud-Native App Security

Now, security leaders and developers can fix security risks before cloud and AI applications have been deployed, which is 10 times faster, more efficient, and cost effective. In addition, Cortex Cloud ASPM includes an open AppSec partner ecosystem, enabling organizations to consolidate data from their preferred third-party code scanners into one, centralized platform for comprehensive visibility. Combining native ASPM data with insights from third-party vendors enables security teams to dramatically improve their security posture, all without forcing developers to change tools. Palo Alto Networks AppSec partners feature leading vendors such as Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk and Veracode.

Palo Alto Networks Redefines Application Security with the Industry's Most Comprehensive Prevention-First ASPM

* Cortex Cloud expands the platform with a prevention-first ASPM to automatically stop risks from reaching production * New open AppSec partner ecosystem unifies all data from industry-leading AppSec providers on a single platform for unprecedented cross-vendor visibility SANTA CLARA, Calif., Aug. 5, 2025 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced Cortex Cloud™ Application Security Posture Management (ASPM), a prevention-first application security module that intelligently blocks security issues from reaching production. Now, security leaders and developers can fix security risks before cloud and AI applications have been deployed, which is 10 times faster, more efficient, and cost effective. In addition, Cortex Cloud ASPM includes an open AppSec partner ecosystem, enabling organizations to consolidate data from their preferred third-party code scanners into one, centralized platform for comprehensive visibility. Combining native ASPM data with insights from third-party vendors enables security teams to dramatically improve their security posture, all without forcing developers to change tools. Palo Alto Networks AppSec partners feature leading vendors such as Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk and Veracode. This release builds on the introduction of Cortex Cloud, which merged the company's industry-leading cloud native application protection platform (CNAPP) and best-in-class cloud detection and response (CDR) capabilities for real-time cloud security. As part of the broader unified Cortex platform, customers can benefit from AI-ready data spanning code, cloud, and SOC to transform end-to-end security operations. Sarit Tager, VP of Product Management, Palo Alto Networks "As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation. Equipped with an industry-leading CNAPP, best-in-class CDR and now prevention-first ASPM, Cortex Cloud delivers the most comprehensive approach to cloud security and automatically stops risks before they reach production with end-to-end visibility across the entire application lifecycle." Cortex Cloud ASPM fully integrates and significantly enhances Palo Alto Networks existing best-in-class application security offerings already available in Cortex Cloud. Key benefits include: * Prevent risks, don't chase them: Proactively stop security issues from reaching production, using full application and business context to enforce targeted guardrails without slowing down production. * Prioritize real issues, not false alarms: Pinpoint critical, exploitable risks without forcing developers to change tools by correlating findings from an open ecosystem of native and third-party scanners with complete code, cloud, runtime and business context. * Automate fixes, skip the backlog: Eliminate manual remediation across security and development teams using industry-leading automation at every stage of the application lifecycle. Katie Norton, Research Manager, DevSecOps and Software Supply Chain Security, IDC "Application risks reaching production remain a persistent challenge for security teams and continue to leave organizations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk. By connecting application security with the live threat landscape, Palo Alto Networks' Cortex Cloud ASPM can help organizations to stop threats faster and operate more efficiently." Cortex Cloud ASPM is currently in early access and expected to be generally available in the second half of 2025. To learn more about the Cortex platform and how Palo Alto Networks is transforming cybersecurity, read our blog. Follow Palo Alto Networks on X (formerly Twitter), LinkedIn, Facebook and Instagram. About Palo Alto Networks As the global AI and cybersecurity leader, Palo Alto Networks (NASDAQ: PANW) is dedicated to protecting our digital way of life via continuous innovation. Trusted by more than 70,000 organizations worldwide, we provide comprehensive AI-powered security solutions across network, cloud, security operations and AI, enhanced by the expertise and threat intelligence of Unit 42. Our focus on platformization allows enterprises to streamline security at scale, ensuring protection fuels innovation. Explore more at www.paloaltonetworks.com. Palo Alto Networks, the Palo Alto Networks logo, Cortex, Cortex Cloud and Unit 42 are trademarks of Palo Alto Networks, Inc. in the United States or in certain jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. Any unreleased services or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available. View original content to download multimedia:https://www.prnewswire.com/news-releases/palo-alto-networks-redefines-application-security-with-the-industrys-most-comprehensive-prevention-first-aspm-302521901.html SOURCE Palo Alto Networks, Inc.