* [Blog](https://origin-researchcenter.paloaltonetworks.com/blog) * [Cloud Security](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/) * [AppSec](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/category/appsec/) * AI-Powered Cloud Security... # AI-Powered Cloud Security That Sees Everything and Fixes It Faster [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fai-powered-cloud-security-cortex-cloud-2-0%2F) [](https://twitter.com/share?text=AI-Powered+Cloud+Security+That+Sees+Everything+and+Fixes+It+Faster&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fai-powered-cloud-security-cortex-cloud-2-0%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fai-powered-cloud-security-cortex-cloud-2-0%2F&title=AI-Powered+Cloud+Security+That+Sees+Everything+and+Fixes+It+Faster&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/ai-powered-cloud-security-cortex-cloud-2-0/&ts=markdown) \[\](mailto:?subject=AI-Powered Cloud Security That Sees Everything and Fixes It Faster) Link copied By [Cody Queen](https://www.paloaltonetworks.com/blog/author/cody-queen/?ts=markdown "Posts by Cody Queen") Jan 06, 2026 6 minutes [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown) [ASPM](https://www.paloaltonetworks.com/blog/cloud-security/category/aspm/?ts=markdown) [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown) [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown) [Code to Cloud to SOC](https://www.paloaltonetworks.com/blog/cloud-security/category/code-to-cloud-to-soc/?ts=markdown) [Agentic-First](https://www.paloaltonetworks.com/blog/tag/agentic-first/?ts=markdown) Cloud environments have grown too complex for manual oversight to keep pace. Shadow AI is proliferating faster than teams can track, non-human identities are multiplying across every environment, and fragmented codebases are leaving security gaps that attackers are happy to exploit. Security teams need more than visibility. They need a system that acts. ## The Cloud Security Platform, Redesigned for Action Cortex^®^ Cloud^TM^ 2.0 integrates agentic AI and human-powered threat intelligence to unify how teams visualize, investigate, and remediate risk from code to cloud to SOC. A single source of truth gives security teams total control over their cloud-native stack, replacing siloed workflows with an intelligent system that helps solve the problems other CNAPPs only surface. Here's what's new. ## The Cloud Command Center: From Alert Noise to Actionable Intelligence The redesigned Cloud Command Center replaces alert lists with a unified dashboard that surfaces the issues that matter most. Intuitive visualizations give security teams an immediate read on risks and vulnerabilities across their cloud environment, while integrated remediation workflows correlate assets, active threats, and permissions into a single, actionable interface, shifting the focus from flagging problems to fixing them. ![New Cloud Security Command Center Experience](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/02/word-image-353083-1.png) Figure 1. New Cloud Security Command Center Experience AI-powered risk prioritization cuts through the noise of high-volume security data, so teams spend less time piecing together context and more time acting on it. The result is faster risk reduction, sharper response times, and greater confidence across complex multicloud environments. ## Full Visibility Into AI, Data, and Non-Human Identities Shadow AI doesn't wait for security teams to catch up. Cortex Cloud 2.0 automatically detects shadow AI assets and generates a comprehensive AI bill of materials (AI-BOM) to maintain supply chain integrity. Specialized governance for Azure AI Foundry and expanded DSPM coverage for Databricks across AWS, Azure, and GCP close the gaps around unsecured notebooks and misconfigurations that traditional tools miss. ![Non Human (machine) identity visualization, showing impacted resources](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/02/word-image-353083-2.png) Figure 2. Non Human (machine) identity visualization, showing impacted resources Non-human identity protection gets a significant upgrade, as well. Dedicated tools now manage cloud secrets and pinpoint overexposed or unrotated credentials before attackers can exploit them. An enhanced Okta integration maps user identities and groups to specific roles and data vulnerabilities, giving security teams the correlated context they need to act decisively. Together, these capabilities reduce credential-based attack exposure, allowing organizations to innovate with AI and cloud data platforms without flying blind. ## AI-Driven Case Investigations and Runtime Protection Cortex Cloud 2.0 uses large language models to synthesize threat and attack data into a single, cohesive narrative with graph visualization, giving analysts an instant, structured picture of what happened, how and where. By mapping security events into unified cases, the platform eliminates the need to jump between tools and piece together data, which accelerates how quickly teams can digest critical incident information and act on it. Runtime protection expands, as well, extending coverage to AWS ECS and EC2 workloads with integrated Kubernetes drift scans that monitor for unauthorized changes in real time. Across the full compute stack, security teams now have a live defense layer that detects malware, behavioral threats, and exposed secrets as they emerge. ![AI-Driven Case Investigations screen](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/02/screenshot-2026-01-14-at-9-42-07-am-png.png) Figure 3. AI-Driven Case Investigations screen The combined effect is a dramatic reduction in mean time to respond (MTTR). Analysts no longer piece together fragmented alerts to find root cause --- the platform does it for them. Real-time monitoring and drift detection keep cloud environments resilient and compliant, closing the window on unauthorized configuration changes and active runtime attacks before they escalate. ## AI-Driven Application Security Cortex Cloud 2.0 pushes AppSec further left with a suite of AI-driven capabilities that help teams catch and fix risk before it reaches production. The AppSec AI Agent identifies critical issues, creates security policies, and opens pull requests autonomously, compressing remediation cycles without adding manual overhead. ### AI-Powered Guardrails Rather than waiting for teams to define preventative policies manually, AI-powered guardrails analyze your environment's actual risk profile and proactively recommend the most effective policies for your organization, without disrupting the development cycle or production readiness. Two guardrail strategies work in tandem to: 1. Lock down clean code assets to prevent new issues from being introduced. 2. Stop recurring problems by blocking packages with known vulnerabilities where a fix is already available. No other vendor proactively suggests guardrails based on your organization's actual risk profile, making Cortex Cloud the only solution to operationalize prevention-first security to this extent. ![AI-powered guardrails in the ASPM console](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/02/word-image-353083-4.png) Figure 4. AI-powered guardrails in the ASPM console ### Automated Application Inventory Automated Application Creation uses VCS attributes --- organizations, projects, and repositories --- to automatically build and maintain your application inventory, keeping it aligned with how your code is structured across GitHub, GitLab, Azure DevOps, and Bitbucket. As repos are added, moved, or renamed, the platform continuously recalculates relationships from code to pipeline to image to runtime. ### ASPM Cases ASPM Cases bring related risks across the application lifecycle into a single, actionable view, enabling remediation at scale rather than one issue at a time. Cases are organized around how AppSec teams operate, typically within repository boundaries, and scored automatically using SmartScore, which ranks each case by urgency, so teams always know where to focus first. Rather than forcing analysts to manually triage a flood of disconnected findings, ASPM Cases deliver a prioritized, consolidated picture of risk that drives faster, more decisive remediation. Security stops being a bottleneck when it moves at the speed of development. By embedding protection from the first line of code and automating fixes within existing developer workflows, Cortex Cloud lets teams ship faster without trading away coverage. ## Security That Sees Everything and Acts Cortex Cloud 2.0 moves security from detect and notify to detect and resolve, unifying posture, runtime, and application security under a single, AI-driven command center. Your team gets full visibility across the cloud-native stack and the autonomous capabilities to act on it, which reduces operational costs while shrinking risk exposure and building a more resilient cloud presence. Ready to see Cortex Cloud in action? [Request a demo](https://www.paloaltonetworks.com/cortex/cloud/demo) today. *** ** * ** *** ## Related Blogs ### [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown), [ASPM](https://www.paloaltonetworks.com/blog/cloud-security/category/aspm/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Code Security](https://www.paloaltonetworks.com/blog/cloud-security/category/code-security/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Research](https://www.paloaltonetworks.com/blog/cloud-security/category/research/?ts=markdown) [#### An Inside Look into ASPM: Five Findings from New Industry Research](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/aspm-research-omdia/) ### [Application Security](https://www.paloaltonetworks.com/blog/cloud-security/category/application-security/?ts=markdown), [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown), [ASPM](https://www.paloaltonetworks.com/blog/cloud-security/category/aspm/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown) [#### Palo Alto Networks and Veracode: Unifying Application Security from Code to Cloud](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/application-security-veracode-partnership/) ### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [Code to Cloud to SOC](https://www.paloaltonetworks.com/blog/cloud-security/category/code-to-cloud-to-soc/?ts=markdown) [#### Introducing Cortex Cloud 2.0: Smarter Cloud Security for an AI-Driven World](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/cloud-security-platform-cortex-cloud-2-0/) ### [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown), [ASPM](https://www.paloaltonetworks.com/blog/cloud-security/category/aspm/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown) [#### Breakdown: Widespread npm Supply Chain Attack Puts Billions of Weekly Downloads at Risk](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/npm-supply-chain-attack/) ### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Cloud Security Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-platform/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown) [#### Closing the Gap Between Cloud Visibility and Network Security](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/cloud-visibility-network-security-context-exposure-management/) ### [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown), [Cloud Detection and Response](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-detection-and-response/?ts=markdown), [Cloud Runtime Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-runtime-security/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Supply Chain Security](https://www.paloaltonetworks.com/blog/cloud-security/category/supply-chain-security/?ts=markdown) [#### Shai-Hulud 2.0: How Cortex Helps Protect Against the Resurgent npm Worm](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/shai-hulud-2-0-npm-worm-detection-blocking/) ### Subscribe to Cloud Security Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://origin-researchcenter.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language