Palo Alto Networks unveils Cortex Cloud ASPM to block app risks

Palo Alto Networks has introduced Cortex Cloud Application Security Posture Management (ASPM), a product designed to prevent security risks from impacting applications before they are deployed.

The new Cortex Cloud ASPM module is positioned as a prevention-first solution, blocking vulnerabilities from reaching production environments. According to Palo Alto Networks, the product is intended to give security professionals and developers the ability to identify and address security risks in cloud and AI applications prior to deployment, streamlining the remediation process and reducing associated costs.

Prevention-focused approach

Cortex Cloud ASPM incorporates an open AppSec partner ecosystem, allowing organisations to aggregate data from various third-party code scanners within a central platform. This integration aims to improve security teams' visibility and enable them to work with their preferred development tools without disruption. Supported partner vendors include Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk, and Veracode.

This release builds upon the existing Cortex Cloud platform, which previously combined cloud native application protection platform (CNAPP) capabilities with cloud detection and response (CDR) for real-time threat management. Cortex Cloud as a whole is designed to provide protection across the entire application lifecycle, using data that spans code, cloud infrastructure, and security operations centres (SOC).

Detailing the organisation's vision, Sarit Tager, Vice President of Product Management at Palo Alto Networks, said:

"As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation. Equipped with an industry-leading CNAPP, best-in-class CDR and now prevention-first ASPM, Cortex Cloud delivers the most comprehensive approach to cloud security and automatically stops risks before they reach production with end-to-end visibility across the entire application lifecycle."

The integration of ASPM into Cortex Cloud is intended to enhance existing security offerings, enabling organisations to implement preventive controls across development and production environments.

Key product features

Cortex Cloud ASPM offers several core benefits. The platform is designed to proactively stop risks from progressing into live production environments by enforcing targeted guardrails based on application and business context. A key feature is the correlation of findings from both native security controls and third-party scanning solutions, providing prioritisation of critical and exploitable risks without mandating changes to existing development tools.

Automation is another focus area for the product. The platform aims to minimise the need for manual remediation by automating security fixes, allowing both security and development teams to address vulnerabilities efficiently throughout the application lifecycle.

Industry perspective

Commenting on the challenges in application security, Katie Norton, Research Manager, DevSecOps and Software Supply Chain Security at IDC, said:

"Application risks reaching production remain a persistent challenge for security teams and continue to leave organisations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk. By connecting application security with the live threat landscape, Palo Alto Networks' Cortex Cloud ASPM can help organisations to stop threats faster and operate more efficiently."

Palo Alto Networks expects that the solution will allow organisations to streamline their approach to application security posture management, while accommodating the increasing pace of development associated with cloud and AI-driven applications.

Availability

Cortex Cloud ASPM is currently in early access, with general availability anticipated in the second half of 2025.