Palo Alto Networks integrates Prisma Cloud with Cortex CDR to create integrated AI-powered cloud security platform

“Cortex took everything from Prisma Cloud and brought it into Cortex,” creating a unified data plane that covers everything cloud.

Palo Alto Networks has announced that it is making a major leap forward in cloud security with the introduction of Cortex Cloud – a next-generation security platform that unifies Prisma Cloud and Cortex CDR to stop attacks in real time, secure the entire cloud ecosystem with AI-driven precision, and unite SOC and CNAPP capabilities in a single solution.

“From a cloud perspective, many practitioners do the same thing that a SOC will do,” said Elad Koren, Vice President, Product Management, Palo Alto Networks. “They solve an incident and then they move on. Now we do this for them. We provide DevSecOps teams with all the information that they need to fix issues. Today, no one system does all this. Instead they require multiple CNAPP cooperation, which is focused on posture and disconnected from runtime. They address the issue of whether or not you are being attacked.”

Koren came to Palo Alto Networks from Prisma Cloud, where he had previously been VP Product, which gives him a deep focus on the active SOC piece and an understanding of the product line and how the product’s security works.

“We took everything from Prisma Cloud and brought it into Cortex,” he said. “Prisma Cloud is now a unified data plane that covers everything cloud.”

Cortex Cloud delivers on Palo Alto Networks’ new platformization strategy by rearchitecting its cloud security solution on the AI-driven Cortex SecOps platform to deliver a powerful unified user experience with persona-driven dashboards and workflows. It helps customers achieve superior protection at a significantly lower total cost of ownership and provides additional value and new features including:

“This is going to revolutionize the way that organizations do security,” Koren said. “The future will be protecting against advanced attacks and we see this as the only tool that can do that.”

The new Cloud Runtime Security offering stops attacks in real time. Cortex Cloud natively integrates the unified Cortex XDR agent, enriched with additional cloud data sources, to prevent threats with advanced analytics – as proven by industry-leading results in the most recent MITRE ATT&CK testing. A recent joint Palo Alto Networks/IBM survey found that more than half (52%) of respondents identified fragmentation of security solutions as limiting their ability to deal with cyberthreats. The new Cloud Runtime Security offering includes the world’s leading CNAPP capabilities at no additional cost, maximizing adoption of end-to-end cloud security on a single platform.

“This expands beyond what any SIEM can deliver in a single, unified SecOps solution,” Koren stated. “It allows for the building of secure apps and prevents issues in development before they become production issues that attackers can target. It also replaces 16 separate tools with a single one.”

“This expands beyond what any SIEM can deliver in a single, unified SecOps solution,” Koren said. “It adds three things: a unified data lake, something that was not available when the solutions were disconnected; a natural AI piece; and enhanced automation. It provides better efficiency for cloud teams and SOCs, and allows us to innovate way faster. We also broadened and enabled more things. This was not a ‘lift and shift.’ In addition to the unified data lake, it now has improved automation and orchestration capabilities. The ability to use playbooks out of the box has also been improved.”

Koren said that they improved multi-cloud risk management with new AI-powered prioritization, guided fixes to resolve multiple risks with a single action, and provided automated remediation. Additionally, Cortex Cloud delivers a single user experience with tight integration across all of Prisma Cloud’s cloud posture capabilities.

“We wanted to address CNAPP problems in a uniform way, even though they do a very different job,” he stated. Cortex XSIAM customers who add Cortex Cloud will gain native CNAPP capabilities at no additional cost, ensuring organizations can secure their entire cloud footprint without added complexity.

Cortex Cloud will be available to customers later in Q3 FY25. Existing Prisma Cloud customers will be seamlessly upgraded to Cortex Cloud, while Cortex XSIAM customers who add Cortex Cloud will gain native CNAPP capabilities at no additional cost.