Palo Alto Networks' launched ot its Cortex Cloud Application Security Posture Management (ASPM) claims that its solution is designed to enhance application security through a prevention-first approach.
This allows security leaders and developers to identify and mitigate security risks before deploying cloud and AI applications, boasting efficiency improvements that are tenfold compared to traditional methods.
The Cortex Cloud ASPM integrates seamlessly with existing security infrastructures, enabling organisations to consolidate data from various third-party code scanners into a unified platform. This capability provides comprehensive visibility across the security landscape without necessitating changes in developers' preferred tools.
The open AppSec partner ecosystem includes prominent vendors such as Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk, and Veracode, allowing for a more robust security posture.
According to Sarit Tager, VP of product management at Palo Alto Networks, the rapid pace of AI-generated code development necessitates an evolution in security measures.
With the merging of cloud native application protection and cloud detection and response capabilities, Cortex Cloud aims to deliver an unparalleled approach to application security.
Tager stated, “Cortex Cloud automatically stops risks before they reach production, providing end-to-end visibility throughout the entire application lifecycle.”
Key benefits of the new ASPM include proactive risk prevention, allowing organisations to enforce targeted security measures based on full application and business context. This feature helps to eliminate the need for developers to switch tools while ensuring that critical, exploitable risks are prioritised over false alarms.
Another significant advantage of Cortex Cloud ASPM is its automation capabilities, which aim to alleviate the manual remediation burdens faced by security and development teams. This automation occurs at every stage of the application lifecycle, streamlining processes and enhancing operational efficiency.
IDC's research manager for DevSecOps and software supply chain security, Katie Norton, says the challenge of application risks reaching production remains a significant concern for security teams.
She emphasised the need for organisations to focus on identifying vulnerabilities that pose real risks, stating that Palo Alto Networks' Cortex Cloud ASPM can facilitate faster threat mitigation and improved operational efficiency.