* [Blog](https://www.paloaltonetworks.com.au/blog)
* [Cloud Security](https://www.paloaltonetworks.com.au/blog/cloud-security/)
* [Announcement](https://www.paloaltonetworks.com.au/blog/cloud-security/category/announcement/)
* Why the Future of Cloud S...

# Why the Future of Cloud Security Is Agentic

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fcloud-security%2Fagentic-cloud-security-future-autonomous-defense%2F)  
[](https://twitter.com/share?text=Why+the+Future+of+Cloud+Security+Is+Agentic&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fcloud-security%2Fagentic-cloud-security-future-autonomous-defense%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fcloud-security%2Fagentic-cloud-security-future-autonomous-defense%2F&title=Why+the+Future+of+Cloud+Security+Is+Agentic&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/cloud-security/agentic-cloud-security-future-autonomous-defense/&ts=markdown)  
\[\](mailto:?subject=Why the Future of Cloud Security Is Agentic)  
Link copied  
By [Jonathan Bregman](https://www.paloaltonetworks.com/blog/author/jonathan-bregman/?ts=markdown "Posts by Jonathan Bregman")  
Feb 25, 2026  
5 minutes  
[Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown)  
[Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown)  
[Cloud Security Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-platform/?ts=markdown)  
[CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown)  
[Code to Cloud to SOC](https://www.paloaltonetworks.com/blog/cloud-security/category/code-to-cloud-to-soc/?ts=markdown)  
[Agentic AI](https://www.paloaltonetworks.com/blog/tag/agentic-ai/?ts=markdown)

The cloud gave us limitless scale. Software ships faster, environments reconfigure in seconds, and AI-generated code will soon account for [95% of what reaches production](https://www.gartner.com/en/webinar/566448/1276680#:~:text=By%202028%2C%20cloud%20computing%20will,execution%20will%20impact%20business%20effectiveness.). Threats, however, scale just as fast. AI-supported attacks unfold in [as little as 25 minutes](https://www.paloaltonetworks.com/resources/whitepapers/the-25-minute-ransomware-attack), half the time they required a year ago.

Security teams now sit between two exponential forces, defending with resources that grow linearly. [Thirty eight percent of teams spend a full day](https://start.paloaltonetworks.com/ESG-cloud-security-research-unified-platform.html) or more gathering alert context before response can begin. Across 2,800 surveyed organizations, 100% reported a [major cloud security incident](https://www.paloaltonetworks.com/state-of-cloud-native-security) in the past year. Dashboards, tickets, and human-centric remediations weren't built for AI scale.

Palo Alto Networks, the company that inaugurated CNAPP, is once again setting the standard, evolving cloud security from teams just viewing dashboards to teams fortified by a workforce of AI agents.

## We Found the Limits of CNAPP

Two years ago, AI copilots were the industry's answer to the scalability problem. They weren't enough, though, in that they still require a human analyst to prompt, interpret, and direct every step. Copilots accelerate information retrieval, but every decision waits on a person, which creates a bottleneck.

Relying solely on playbook-driven automation comes with a similar limitation. As soon as a threat falls outside the predefined logic of a response plan, you have to involve a person to manually carry out the investigation and response. In essence, you have a system that creates the illusion of speed without actually closing the velocity gap.

CNAPP, even with these advancements, hasn't solved the speed differential. Teams continue to spend [69% of investigation time collecting and correlating data](https://www.paloaltonetworks.com/state-of-cloud-native-security) --- before any actual response begins --- while the attack that triggered the alert executed in 25 minutes.

## The Four Pillars of an Agentic-Ready Cloud Security Platform

You can't drop autonomous agents into a legacy data model and expect results. Effective agentic security requires a purpose-built foundation. Here's how Palo Alto Networks has built that foundation for Cortex Cloud.

### 1. Unified Telemetry

Agents need data. The more context, the better. Fragmented tooling means fragmented data models, and an agent working off [17 disconnected sources](https://start.paloaltonetworks.com/ESG-cloud-security-research-unified-platform.html) can't reason accurately. The consequences are measurable: [99% of organizations](https://www.paloaltonetworks.com/state-of-cloud-native-security) attribute delayed incident response to fragmented data sources and the inability to correlate alerts across their environments.

Cortex Cloud provides the industry's only unified data lake connecting code to cloud to SOC, giving our agents the complete picture to correlate a vulnerability in a line of code with a live threat in the runtime environment --- simultaneously.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/02/word-image-353256-1.png)

### 2. Deterministic Workflows

You can't simply instruct an agent to go fix your cloud security posture. Probabilistic AI requires deterministic guardrails. Our platform codifies over 1.2 billion real-world security responses into proven workflows, ensuring agents don't guess. They follow mature, validated procedures. The agent knows how to respond to an exposed vulnerability or an overly permissive role because we've encoded what good looks like at scale.

### 3. Identity-Centric Context

If identity is the new perimeter --- *and it is* --- then identity context is non-negotiable for agentic security. Agents must distinguish between a genuine threat actor and an authorized user making routine changes. Without deep, real-time identity intelligence, autonomous action creates as much risk as it mitigates. Cortex Cloud ensures our agents understand not just what is happening, but who is doing it and whether that behavior is expected.

### 4. Human-on-the-Loop Governance

Autonomy requires trust, and trust requires control. Our human-on-the-loop model shifts analysts from operators executing every task end-to-end to commanders reviewing and directing agent actions at the strategic level. Reasoning transparency gives every stakeholder a full audit trail of why an agent made a decision, making it possible to intervene precisely when needed rather than monitoring everything continuously.

## Introducing the Agentic Cloud Security Platform

Palo Alto Networks is closing the velocity gap with the launch of the Agentic Cloud Security Platform, a decisive shift from seeing risk to eliminating it autonomously. Unlike visibility-only tools that show you a map of the burning building, our agents take action --- [64% of critical vulnerabilities sit in production](https://start.paloaltonetworks.com/ESG-cloud-security-research-unified-platform.html) for one to two weeks before detection. That window closes here.

Organizations can now command a workforce of specialized AI agents that plan, reason, and execute routine security tasks independently, freeing your analysts to focus on the complex, strategic work that requires human judgment.

### Three New Cloud Security AI Agents Coming to Cortex Cloud

|            **Agent**             |                                                   **Capabilities**                                                   |                                       **Impact**                                        |
|----------------------------------|----------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------|
| **Application Security Agent**   | Detects vulnerabilities, writes the code patch, and opens a ready-to-merge Pull Request.                             | Ends the developer alert backlog and prevents logic gaps in API specs.                  |
| **Cloud Posture Security Agent** | Calculates blast radius, identifies root causes, and reverts configuration drift in production settings immediately. | Autonomously applies encryption or revokes unused permissions for non-human identities. |
| **Runtime Security Agent**       | Detects malicious processes --- including ransomware --- and terminates them in milliseconds.                        | Stops execution before damage occurs, rather than routing an alert to a queue.          |

## Autonomy with 100% Control

Deploying autonomous agents without oversight isn't a solution --- it's a different kind of risk. That's why our agentic-first cloud security platform is built on Cortex AgentiX, which provides enterprise-grade guardrails at every layer.

![image (23).png](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/02/image-23-png.png)

Reasoning transparency gives every agent action a complete audit trail of its planning and decision logic. Human-in-the-loop controls let organizations define exactly which actions run fully autonomously and which require analyst approval before execution. And by unifying AppSec, CloudSec, and SecOps on a single platform, we deliver complete context while eliminating the handoff gaps where threats have historically lived.

## The Bottom Line

Security fails when attacks scale faster than response.

[Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud), the agentic cloud security platform, changes the equation. Palo Alto Networks hasn't built a better dashboard or a smarter copilot. We've built a digital workforce --- one that operates at machine speed, with human accountability built in. Attackers have been moving at the speed of AI for some time now. As of today, so do defenders.

See Cortex Cloud in action. Schedule a [personalized demo](https://www.paloaltonetworks.com/cortex/cloud/demo).

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Cloud Security Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-platform/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown)

[#### Closing the Gap Between Cloud Visibility and Network Security](https://www.paloaltonetworks.com.au/blog/cloud-security/cloud-visibility-network-security-context-exposure-management/)

### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [Code to Cloud to SOC](https://www.paloaltonetworks.com/blog/cloud-security/category/code-to-cloud-to-soc/?ts=markdown)

[#### Introducing Cortex Cloud 2.0: Smarter Cloud Security for an AI-Driven World](https://www.paloaltonetworks.com.au/blog/cloud-security/cloud-security-platform-cortex-cloud-2-0/)

### [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown), [ASPM](https://www.paloaltonetworks.com/blog/cloud-security/category/aspm/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [Code to Cloud to SOC](https://www.paloaltonetworks.com/blog/cloud-security/category/code-to-cloud-to-soc/?ts=markdown)

[#### AI-Powered Cloud Security That Sees Everything and Fixes It Faster](https://www.paloaltonetworks.com.au/blog/cloud-security/ai-powered-cloud-security-cortex-cloud-2-0/)

### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)

[#### Prisma Cloud Innovations: September's Highlights](https://www.paloaltonetworks.com.au/blog/cloud-security/feature-innovations-2024/)

### [AI Security](https://www.paloaltonetworks.com/blog/cloud-security/category/ai-security/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown)

[#### OWASP Top 10 for Agentic Applications 2026 Is Here -- Why It Matters and How to Prepare](https://www.paloaltonetworks.com.au/blog/cloud-security/owasp-agentic-ai-security/)

### [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Cloud-Native Application Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-native-application-protection-platform/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown)

[#### How Auto-Remediation Shifts the Odds in Cloud Security](https://www.paloaltonetworks.com.au/blog/cloud-security/auto-remediation-cnapp/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language