Palo Alto Networks Inc. kicked off the annual Black Hat USA security conference in Las Vegas this week with today’s announcement of its Cortex Cloud Application Security Posture Management solution.
The ASPM offering is designed to fix security issues before cloud and AI applications have been deployed. The traditional method of securing apps is a highly fragmented set of manual processes. Instead of a single, unified platform, developers rely on a collection of point products and manual processes that are disconnected from each other. This method is often characterized as “tool sprawl” and has no single source of truth.
Cortex Cloud ASPM operates on the concept of moving security to the earliest stages of development, also known as shifting left. Instead of waiting until an application is deployed to find vulnerabilities, the platform integrates directly into the developer’s workflow and continuous integration and continuous delivery or CI/CD pipelines. This allows it to scan code for misconfigurations, compliance violations and other vulnerabilities in the source code, open-source libraries and infrastructure as code templates as well as identify hardcoded API keys and passwords in the code.
This release extends Cortex Cloud — introduced earlier this year — which combined the company’s cloud-native application protection platform, or CNAPP, and its cloud detection and response, or CDR, technologies to deliver real-time security. Palo Alto has been the most active security vendor in evangelizing the value of a security platforms and this is another example of the value of bringing a set of tools together.
In a prebriefing for industry analysts, Cameron Hyde, product marketing manager for application security, said that as Palo Alto moves from Prisma Cloud to Cortex Cloud, the company wants to more tightly align three pillars — data integration, AI-driven intelligence and automation — as it extends these capabilities to the SOC for tight synergies on the underlying data.
One of the discussion points on the call was the impact of AI on coding. While it is certainly true that organizations can write code at a pace never seen before, it’s also true that the accelerated use of AI can push insecure code into production at an equally unprecedented rate. As this happens, traditional application security approaches struggle to prevent risks, only alerting security teams after they’ve already slipped into production.
Customer benefits: Context is king
Palo Alto says Cortex Cloud ASPM fully integrates with and enhances the application security offerings already available in Cortex Cloud to deliver benefits including:
- Risk prevention: Using full application and business context to proactively stop security issues from reaching production by enforcing guardrails without slowing development.
- Prioritization: Avoiding false alarms by pinpointing critical, exploitable risks without requiring developers to use different tools. Leveraging an open ecosystem of native and third-party scanners to correlate findings with full code, cloud, runtime and business context.
- Eliminating manual remediation: Security and development teams can avoid backlogs by applying automation throughout the entire application lifecycle.
“When we talk with customers about prevention, they mostly say they cannot really prevent,” Sarit Tager, vice president of product management, said in the analyst briefing. “They say, ‘It’s too much, the developers will suffer.’ And we point out that without prevention, it may cost more when you go to production, since you’ll need to figure out who actually wrote the code and how to go back and rebuild it. All of that is really expensive in terms of developer time.”
Leveraging AppSec partners
Cortex Cloud features an open AppSec partner ecosystem to enable customer organizations to consolidate data from third-party code scanners into a centralized platform for comprehensive visibility. The goal is to combine native ASPM data with third-party vendor insights to provide organizations with a stronger security posture that doesn’t require them to change tools.
Palo Alto’s AppSec partners include Checkmarx, Snyk and Veracode. The integration with third parties has been a core component of Palo Alto’s platform strategy for the past several years. No security vendor can do everything and by partnering, Palo Alto can fill in the gaps in its platform.
Cortex Cloud ASPM early access is underwa, with general availability expected to be in October.
AI is having a massive impact on coding and companies of all sizes are now using the technology to spin up thousands of lines of code daily versus the few hundred that could be accomplished with people. Along with this, organizations need to rethink how the code is secured through AI enabled automated systems.
