Palo Alto Networks Cortex Cloud applies AI-driven insights to reduce risk and prevent threats

Palo Alto Networks introduced Cortex Cloud, the next version of Prisma Cloud, that natively brings together new releases of its cloud detection and response (CDR) and cloud native application protection platform (CNAPP) capabilities on the unified Cortex platform.

The new solution equips security teams with significant innovations powered by AI and automation that go beyond traditional “peace time” approaches to cloud security and stop attacks in real-time.

Unit 42 reports reveal that 80% of security exposures were found in cloud attack surfaces, with a 66% increase in threats targeting cloud environments. As cloud adoption and AI usage grow, Cortex Cloud unifies data, automates workflows, and applies AI-driven insights to reduce risk, prevent threats, and stop attacks in real time.

Cortex Cloud is designed to ingest and analyze data from third-party tools to provide centralized visibility, AI-driven insights and end-to-end remediation across the entire cloud security ecosystem.

“As more critical business applications move to the cloud, cloud security must expand to include industry-leading runtime protection. And to make it as easy as possible for our customers to adopt end-to-end cloud security, we’re including CNAPP at no additional cost for every Cortex Cloud Runtime Security customer. With Cortex Cloud, we are delivering the next generation of cloud security — enabling organizations to swiftly prevent, detect, investigate, and respond to evolving threats across their entire enterprise,” said Lee Klarich, CPO of Palo Alto Networks.

Cortex Cloud delivers on Palo Alto Networks platformization strategy by rearchitecting its cloud security solution on the AI-driven Cortex SecOps platform to deliver a powerful unified user experience with persona-driven dashboards and workflows. Cortex Cloud helps customers achieve superior protection at a significantly lower total cost of ownership and provides additional value and new features including:

• Application security: Build secure apps and prevent issues in development before they become production issues that attackers can target. Cortex Cloud identifies and prioritizes issues across the entire development pipeline with end-to-end context across code, runtime, cloud and newly introduced third-party scanners.
• Cloud posture: Improve multi-cloud risk management with new AI-powered prioritization, guided fixes to resolve multiple risks with a single action, and automated remediation. Additionally, Cortex Cloud delivers a single user experience with tight integration across all of Prisma Cloud’s cloud posture capabilities.
• Cloud runtime: Stop attacks in real time. Cortex Cloud natively integrates the unified Cortex XDR agent, enriched with additional cloud data sources, to prevent threats with advanced analytics – as proven by industry-leading results in the most recent MITRE ATT&CK testing. Our new Cloud Runtime Security offering includes the world’s leading CNAPP capabilities at no additional cost, maximizing adoption of end-to-end cloud security on a single platform.
• SOC: The preferred SOC platform for enterprise and cloud, expanding beyond what any SIEM can deliver. Cortex Cloud natively integrates cloud data, context and workflows within Cortex XSIAM to significantly reduce the mean time to respond (MTTR) to modern threats with a single, unified SecOps solution.

“Security teams need to mitigate risk to reduce the chance of cybersecurity incidents, and if and when an incident occurs, they need to respond as quickly as possible. Our research shows that security teams struggle with remediation efficiency because application security, cloud security, and security operations tools and processes have been historically siloed. With the introduction of Cortex Cloud, Palo Alto Networks delivers a unified code-to-cloud-to-SOC platform giving security teams the context to prioritize and drive remediation actions with the highest impact on reducing risk, while speeding up detection and response for security operations,” said Melinda Marks, practice director, cybersecurity, Enterprise Strategy Group.