Palo Alto Networks, a global cybersecurity leader, has launched Cortex Cloud Application Security Posture Management (ASPM), a prevention-first module designed to block security risks before they reach production. This advancement enhances cloud and AI application security by integrating with an open AppSec partner ecosystem for comprehensive visibility.
Palo Alto Networks introduces Cortex Cloud ASPM to prevent security risks.
Integrates with Black Duck, Snyk, Veracode, and other AppSec vendors.
Automates fixes, reducing manual remediation and development backlogs.
Prioritizes critical risks using code, cloud, and business context.
Enhances existing CNAPP and CDR for end-to-end application security.
Currently in early access, with general availability in late 2025.
Cortex Cloud ASPM proactively stops security issues from reaching production by enforcing targeted guardrails that leverage full application and business context. “As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation,” said Sarit Tager, VP of Product Management, Palo Alto Networks. The module integrates with leading AppSec vendors like Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk, and Veracode, consolidating data from third-party scanners into a single platform. This unified approach ensures developers can maintain their workflows while addressing vulnerabilities 10 times faster, as noted by Palo Alto Networks.
Unlike traditional tools that overwhelm teams with alerts, Cortex Cloud ASPM prioritizes exploitable risks by correlating findings from native and third-party scanners with code, cloud, runtime, and business context. “Application risks reaching production remain a persistent challenge for security teams and continue to leave organizations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk,” said Katie Norton, Research Manager, DevSecOps and Software Supply Chain Security, IDC. This capability reduces false positives, enabling security teams to focus on critical threats without disrupting development processes.
Cortex Cloud ASPM automates remediation across the application lifecycle, eliminating manual backlogs for both security and development teams. Built on the Cortex platform’s existing cloud native application protection platform (CNAPP) and cloud detection and response (CDR) capabilities, it provides AI-ready data spanning code, cloud, and security operations centers (SOC). The open AppSec ecosystem ensures seamless integration with tools developers already use, enhancing efficiency. The solution, currently in early access, is expected to be generally available in the second half of 2025, strengthening Palo Alto Networks’ position in the $1.7 billion ASPM market.
Cortex Cloud ASPM positions Palo Alto Networks as a leader in application security, offering a proactive, integrated solution that aligns with the rapid pace of AI-driven development. By preventing risks and streamlining workflows, it empowers organizations to secure cloud and AI applications effectively, ensuring robust protection across the entire development lifecycle.
As the global AI and cybersecurity leader, Palo Alto Networks is dedicated to protecting our digital way of life via continuous innovation. Trusted by more than 70,000 organizations worldwide, we provide comprehensive AI-powered security solutions across network, cloud, security operations and AI, enhanced by the expertise and threat intelligence of Unit 42. Our focus on platformization allows enterprises to streamline security at scale, ensuring protection fuels innovation.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.