
Palo Alto upgrades Cortex Cloud to tackle AI-driven code risks
Palo Alto Networks has launched a new capability aimed at securing applications developed with AI-generated code. The latest addition, part of the Cortex Cloud platform, addresses the growing issue of quality and security lapses introduced by AI in software development. As organisations increasingly adopt AI-driven tools to speed up production, concerns are rising over poorly structured, insecure, or redundant code, sometimes described as "AI slop." These problems can result in application failures, unpredictable outages, and security vulnerabilities that are challenging to detect and resolve, particularly in cloud-native environments.
ASPM focus
The new module, Cortex Cloud Application Security Posture Management (ASPM), is described as a prevention-first solution, focusing on blocking security risks before deployment rather than remediating problems retrospectively. According to Palo Alto Networks, it automates the identification of potential risks and business impacts without disrupting development workflows, while prioritising serious security concerns over less significant issues.
The company also introduced an open AppSec partner ecosystem within Cortex Cloud ASPM, enabling organisations to unify data from prominent third-party application security scanners. Partners include Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk and Veracode. This consolidation aims to give security teams a clearer, more comprehensive overview of their code security postures by aggregating both native and third-party insights in a single platform. The integration is designed to avoid the need for developers to switch between tools during their work.
The new ASPM expansion builds on the February introduction of Cortex Cloud, a platform that merged Palo Alto Networks' cloud native application protection platform (CNAPP) and cloud detection and response (CDR) features. Customers using Cortex Cloud have access to AI-ready data spanning code repositories, cloud resources, and security operations centres, with the goal of unifying and streamlining security management.
Industry perspectives
"As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation. Equipped with an industry-leading CNAPP, best-in-class CDR, and now prevention-first ASPM, Cortex Cloud delivers the most comprehensive approach to cloud security and automatically stops risks before they reach production with end-to-end visibility across the entire application lifecycle," said Sarit Tager, Vice President of Product Management at Palo Alto Networks.
According to the company, key benefits of Cortex Cloud ASPM include proactive prevention of issues from reaching production, prioritisation of genuine risks by correlating findings across a range of scanners and platforms, and extensive automation to reduce manual intervention by security and development teams.
Application and software supply chain security is also a concern for industry analysts. Katie Norton, Research Manager for DevSecOps and Software Supply Chain Security at IDC, commented on the need for focused, efficient security amidst rapid development cycles. She stated, "Application risks reaching production remain a persistent challenge for security teams and continue to leave organizations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk. By connecting application security with the live threat landscape, Palo Alto Networks' Cortex Cloud ASPM can help organizations to stop threats faster and operate more efficiently."
Availability
Cortex Cloud ASPM is now in early access and is expected to become generally available in the second half of 2025. The company highlights the role of automated and context-aware security solutions as the pace of development increases and as AI continues to change software production practices within organisations.
Related Articles


Techday NZ
3 days ago
Palo Alto Networks unveils Cortex Cloud ASPM to block app risks
Palo Alto Networks has introduced Cortex Cloud Application Security Posture Management (ASPM), a product designed to prevent security risks from impacting applications before they are deployed. The new Cortex Cloud ASPM module is positioned as a prevention-first solution, blocking vulnerabilities from reaching production environments. According to Palo Alto Networks, the product is intended to give security professionals and developers the ability to identify and address security risks in cloud and AI applications prior to deployment, streamlining the remediation process and reducing associated costs.
Prevention-focused approach
Cortex Cloud ASPM incorporates an open AppSec partner ecosystem, allowing organisations to aggregate data from various third-party code scanners within a central platform. This integration aims to improve security teams' visibility and enable them to work with their preferred development tools without disruption. Supported partner vendors include Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk, and Veracode.
This release builds upon the existing Cortex Cloud platform, which previously combined cloud native application protection platform (CNAPP) capabilities with cloud detection and response (CDR) for real-time threat management. Cortex Cloud as a whole is designed to provide protection across the entire application lifecycle, using data that spans code, cloud infrastructure, and security operations centres (SOC).
Detailing the organisation's vision, Sarit Tager, Vice President of Product Management at Palo Alto Networks, said: "As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation. Equipped with an industry-leading CNAPP, best-in-class CDR and now prevention-first ASPM, Cortex Cloud delivers the most comprehensive approach to cloud security and automatically stops risks before they reach production with end-to-end visibility across the entire application lifecycle."
The integration of ASPM into Cortex Cloud is intended to enhance existing security offerings, enabling organisations to implement preventive controls across development and production environments.
Key product features
Cortex Cloud ASPM offers several core benefits. The platform is designed to proactively stop risks from progressing into live production environments by enforcing targeted guardrails based on application and business context. A key feature is the correlation of findings from both native security controls and third-party scanning solutions, providing prioritisation of critical and exploitable risks without mandating changes to existing development tools.
Automation is another focus area for the product. The platform aims to minimise the need for manual remediation by automating security fixes, allowing both security and development teams to address vulnerabilities efficiently throughout the application lifecycle.
Industry perspective
Commenting on the challenges in application security, Katie Norton, Research Manager, DevSecOps and Software Supply Chain Security at IDC, said: "Application risks reaching production remain a persistent challenge for security teams and continue to leave organisations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk. By connecting application security with the live threat landscape, Palo Alto Networks' Cortex Cloud ASPM can help organisations to stop threats faster and operate more efficiently."
Palo Alto Networks expects that the solution will allow organisations to streamline their approach to application security posture management, while accommodating the increasing pace of development associated with cloud and AI-driven applications.
Availability
Cortex Cloud ASPM is currently in early access, with general availability anticipated in the second half of 2025.




Techday NZ
5 days ago
Echo secures $15 million to cut software vulnerability risks
Echo has raised $15 million in seed funding to advance its approach to managing vulnerabilities in software infrastructure. The Seed round was led by Notable Capital and Hyperwise Ventures, supported by SVCI.
Echo's focus is on delivering container base images that are free from vulnerabilities, with artificial intelligence agents deployed to maintain their security on an ongoing basis. The company aims to address the growing challenges in vulnerability management by targeting the foundations of enterprise software, rather than remediation after the fact.
Recent research referenced by Echo highlights a 34% increase in vulnerability exploitation and a 61% rise in discovered software vulnerabilities year-over-year, signalling both the growing scale of the issue and the need for solutions that address the underlying causes. Echo's method involves AI-driven processes to analyse, rebuild, and continuously patch open source container images, producing secure versions that replicate the functionality of the original but with fewer potential risks.
Reducing remediation time
The company reports that its technology has enabled a reduction in vulnerability remediation time from the industry average of up to 120 days to just 24 hours. This is intended to significantly shorten the window in which organisations are exposed to security threats, all while reducing the manual burden typically placed on engineering teams.
"Echo was born out of a broken system. Having worked directly with Fortune 500 companies, major banks, and other enterprises on vulnerability management, we've understood that today's tools all encounter the same challenge: As AI accelerates the volume of issues in cloud-native environments, businesses are spending millions on tools that chase and prioritise vulnerabilities rather than solve the root of the problem," said Eilon Elhadad, Co-Founder and CEO of Echo. "Our CVE-free base images enable companies to build applications with a completely clean foundation - and via our AI agents, we make sure they stay that way. We've reduced the typical vulnerability remediation time from a current industry average of up to 120 days, to just 24 hours – a transformative turnaround for enterprises that's reflected in customers' existing scanners and CNAPP platforms."
Elhadad and Co-Founder Eylam Milner previously co-founded Argon, a company acquired by Aqua Security for $100 million in 2021, and they bring this background to Echo's solutions in container and cloud security.
Industry context
Estimates put the vulnerability management market at $17 billion annually, with Echo aiming to help clients save on both direct and indirect costs through its approach.
"Vulnerability management is a $17 billion industry. By offering secure-by-design infrastructure, the industry could unlock billions annually – not to mention the downstream cost savings of preventing potential breaches. This is what Echo is championing; a solution that allows businesses the luxury of not thinking about how to manage or mitigate vulnerabilities," said Oren Yunger, Managing Partner at Notable Capital. "We are delighted to support Echo as they grow and continue to innovate in the cloud security space."
Echo's product is already being used by companies such as UiPath, where it has contributed to immediate reductions in the workload required to patch software vulnerabilities.
"Echo's product is a game changer for us. The vulnerability-free container base images have immediately cut our patching workload, saving us significant time and money," said Scott Roberts, CISO of UiPath. "A recent survey found that 75% of developers spend more than 17 hours per-week on security related tasks, representing a staggering waste of resources and lost opportunities. Echo's solution eliminates the need for labor-intensive vulnerability remediation, solving the problem at its source before our engineering teams have to try and deal with it."
FedRAMP compliance facilitation
Echo's system also aims to support organisations in meeting compliance requirements, including facilitating a faster pathway to Federal Risk and Authorization Management Program (FedRAMP) accreditation. This is accomplished by using Federal Information Processing Standards (FIPS)-validated images, which are designed to be compatible with existing enterprise environments without the need for major operational changes.
According to company statements, the funding will be applied to support the next phase of Echo's growth, building on existing implementations and aiming to further embed its tech within enterprise-scale clients and cloud-based businesses.