Introducing Cortex Cloud 2.1

By 
May 05, 2026
6 minutes
AI Security
Application Security
AppSec
CIEM
Cloud Security
Identity Security
Supply Chain Security

As organizations accelerate their digital transformation, the boundaries between development, data and infrastructure are disappearing. Cloud Security can no longer be a series of disconnected tools. It must instead be a cohesive fabric that spans the entire cloud-native stack. Today, we are happy to announce Cortex Cloud 2.1, a milestone release focused on three critical pillars: expanded visibility, unified governance and automated remediation.

From your Kubernetes clusters to the cutting edge of AI pipelines, Cortex Cloud 2.1 provides the guardrails and visibility you need to innovate with confidence. Let’s dive into the highlights of this release and what they mean for your organization.

Governance for the AI Frontier

AI is very much a reality of modern business. The rapid adoption of AI models, however, often outpaces security oversight. Cortex Cloud 2.1 brings specialized governance to your AI pipelines, ensuring your innovation doesn’t come at the cost of exposure.

Expanded AI Visibility and GCP Vertex Integration

  • What’s New? Deep visibility into AI applications running in cloud workloads, as well as new native visibility into GCP Vertex Model Garden models, including models invoked without deployed endpoints.
  • The Benefit: Eliminate shadow AI across workloads and managed AI services. Teams can now identify AI software packages in cloud compute and govern GCP Vertex Model Garden models, including models invoked without deployed endpoints. Together, this extends the AI bill of materials (AI-BOM) to ensure that your data science teams can experiment freely while security maintains a complete audit trail of every AI component in the pipeline.
AI Software packages in the AI-SPM module of Cortex Cloud
AI Software packages in the AI-SPM module of Cortex Cloud

Seeing the Human Behind the Permissions

In the cloud, identity is often fragmented across directories, cloud providers and SaaS applications, inadvertently creating dark permissions that attackers love to exploit.

Unified Human Identities

  • What’s New? A single virtual identity that links a person's accounts across directories, cloud IdPs and SaaS applications.
  • The Benefit: We are moving beyond raw logs to true identity risk. You can finally identify excessive or risky privileges that cross platform boundaries, which helps your SOC team to prioritize risk based on human access relationships versus simple machine configurations.
All human identities as shown in Cortex Cloud
Figure 2. All human identities as shown in Cortex Cloud

Securing On-Prem Data

Many enterprises aren't 100% in the cloud. They have legacy databases and complex Kubernetes environments that require a unified security posture.

Hybrid Data Security

  • What’s New? Data Security Posture Management (DSPM) support is expanded to on-premises databases, building on existing support for on-premises file shares.
  • The Benefit: You get a single pane of glass for your most sensitive data. Whether it lives in an AWS RDS instance, on-premises databases or shared file system, you can apply the same governance, ensuring that sensitive data is never exposed.

Zero-Friction Kubernetes and Container Security

As organizations scale their cloud-native footprints, the operational burden of deploying and maintaining security agents across every cluster can slow down development. Security should be an accelerator, not a bottleneck that creates blind spots in dynamic environments.

Agentless Kubernetes Security

  • What’s New? Agentless scanning for AWS Kubernetes environments, including clusters, nodes, namespaces and workloads.
  • The Benefit: Uncover critical misconfigurations and vulnerabilities across your entire Kubernetes environment in minutes, delivering 100% visibility and continuous posture management with zero operational friction or workload impact.

New Agent-Based CaaS Support

  • What’s New? Embed the XDR Agent within the container image for AWS Fargate CaaS workloads for real-time monitoring and protection.
  • The Benefit: Get real-time monitoring and protection for vulnerabilities, compliance issues and active threats while removing the friction of deploying an agent.
CaaS resource in Cortex Cloud
Figure 3. CaaS resource in Cortex Cloud

Remediation at the Speed of Code

The gap between finding a bug and fixing a bug is where risk lives. Cortex Cloud 2.1 introduces our first AI-native security assistant to close that gap.

Meet the AppSec AI Agent

  • What’s New: An AI agent that analyzes AppSec findings and automatically opens ready-to-merge fix PRs for the highest-risk issues.
  • The Benefit: Eliminates triage and context switching by delivering prioritized, validated fixes directly in the developer workflow. Simplicity reduces remediation time and now frees your teams to focus on shipping instead of sorting alerts.

New Integration with Snyk

  • What’s New: A native integration that brings Snyk SCA and SAST findings into Cortex Cloud’s unified platform and policy framework.
  • The Benefit: Consolidates risk across tools into a single view with consistent prioritization and enforcement. Teams keep their existing workflows while gaining clarity and control.
Simple onboarding of Snyk integration in Cortex Cloud
Figure 4. Simple onboarding of Snyk integration in Cortex Cloud

Unified Code-to-Registry Policies

Setting up a new policy in Cortex Cloud
Figure 5. Setting up a new policy in Cortex Cloud

Audit-Ready and Automated

Security is also about proving compliance. Cortex Cloud 2.1 takes the pain out of compliance audits and supports teams as they work to reduce risk by automating remediation to rapidly reduce cloud risks.

Audit Ready Compliance Reporting

  • What’s New? A unified evidence framework for SOC 2, PCI DSS and HIPAA that automates data collection across agent, agentless and Kubernetes sources.
  • The Benefit: Reclaim your weekends. We automate the collection of proof, so when the auditors arrive, you have a comprehensive, defensible report ready at the click of a button.

One-Click Remediation Playbooks

  • What’s New? New CSPM playbooks for AWS, Azure and GCP to fix internet-exposed compute and misconfigurations.
  • The Benefit: Fast, safe response. When a misconfiguration is detected, your team can resolve it with one click, using prevalidated workflows that minimize the risk of human error or breaking production environments.
Cortex Cloud compliance dashboard for easy management
Figure 6. Cortex Cloud compliance dashboard for easy management

Cloud Security That Innovates with You

Cortex Cloud 2.1 is designed for the speed of the modern enterprise, moving security from detect and notify to detect and resolve. By unifying posture, runtime and application security under a single, AI-driven command center, we are giving your team the power to see everything and the autonomy to fix it faster than ever. Now you can lower operational costs, reduce risk exposure and secure a more resilient cloud presence for every customer.

Ready to see Cortex Cloud in action? Request a demo today.

 

Related Blogs

Application Security, AppSec, Cloud Security, Supply Chain Security

Bitwarden CLI Impersonation Attack Steals Cloud Credentials and Spreads Across npm Supply Chains

AI Security, AI-SPM, CIEM, Cloud Security, Data Security, DSPM

Dissecting Shadow AI to Illuminate Hidden Footprints in Your Workloads

Application Security, AppSec, ASPM, Cloud Security, DevSecOps

Level Up Your AppSec Team with an Agentic Workforce

Application Security, AppSec, ASPM, Cloud Security, Partners

Palo Alto Networks and Veracode: Unifying Application Security from Code to Cloud

AI Security, AI-SPM, CIEM, Cloud Security, DSPM, Identity Security

Is AI a New Challenge for Cloud Security? Yes and No.

AppSec, Cloud Detection and Response, Cloud Runtime Security, Cloud Security, Supply Chain Security

Shai-Hulud 2.0: How Cortex Helps Protect Against the Resurgent npm Worm

Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts