Cortex Internal Developer Portal

I have experiences in Cortex.io  to centralize overall security and engineering insights and to track the overall health and risk metrics. I use it for monitoring scoreboards, metrics to measure systems' reliability, and the security posture overall. I also track the vulnerabilities and do remediation progress, provide visibility into the team performances and compliance data, and use dashboards to prioritize security and improve overall operations with my team. I drive data-based decisions to reduce risk and improve engineering efficiency.

I use Cortex.io  daily to track my security and the operational health metrics for services. For example, I use it to monitor service scoreboards that measure things such as vulnerability backlogs, deployment risk, incident trends, and compliance metrics. When I saw a service with a growing vulnerability backlog, I worked with the engineering team to prioritize remediation tasks and track the progress in Cortex.io. I updated dashboards and metrics so that leadership could see improvements over time, which helped teams make data-driven decisions. It helped them reduce risk by ensuring vulnerabilities were addressed in a timely manner, and everything was fixed promptly.

Another example of how I used Cortex.io is that I used it to monitor security and compliance health across our services. I review service scoreboards and metrics that track open security findings, configuration compliance, incident response performance, and deployment risk indicators. When a service showed non-compliant configurations or any open findings, I notified the engineering teams, helped prioritize remediation, and tracked progress in Cortex.io dashboards. I provided updates so leadership could measure improvements. Overall, this ensured security issues were addressed proactively and in a timely manner, giving teams clear visibility into the risk. I check dashboards and metrics regularly as part of my daily workflow and use the data to guide security and operational improvements.

In my opinion, one of the best features of Cortex.io is the unified service catalog because Cortex.io automatically builds a centralized catalog for all your services and teams, detailing the ownerships, so you always know what exists and who owns that feature. I also love the scorecards and readiness checks; Cortex.io provides custom scoreboards that measure things such as security controls and best compliance practices, allowing teams to track health and improvements over time. I also love the progress tracking and how you can initiate and tie the scorecard goals so that work isn't just visible but actionable, allowing you to complete owners, deadlines, and also track progress that way. I appreciate the visibility and overall better reliability, as Cortex.io helps speed up onboarding, improves reliability, and frees engineers to focus on high-impact work throughout the team.

The scorecards control the readiness, security controls, and best practices, and they have helped my team make better tracking of health improvements and save a lot of time.

Cortex.io has positively impacted team collaboration because it provides clear visibility into service health, security posture, and operational metrics. Before Cortex.io, insights were scattered across tools and spreadsheets, making it harder to prioritize work and measure progress. With Cortex.io, my teams could see scoreboards and metrics all in one place, which allowed us to identify vulnerabilities and risks faster. We track remediation progress over time, make data-driven decisions more quickly, and improve collaboration through shared visibility. This enhances my team's efficiency, accountability, and helps reduce risk by addressing issues proactively and in a timely manner.

I experienced timely remediation because Cortex.io improved my team's efficiency and security visibility by centralizing service measures and risk data. Before using it, we tracked vulnerabilities and operational metrics in separate tools and spreadsheets, which made prioritization difficult. We reduced time spent searching for risk data because everything was on one dashboard, and my teams could quickly see scoreboards. We did remediation efforts to track it better and prioritize high-risk issues faster, and overall, it improved collaboration and decision-making within my security team. The operational health measures also made it more transparent.

One feature I would love to see in Cortex.io is more advanced real-time threat detection and automated alerting. I feel that this is very important, especially tailored for vulnerability severity and risk prioritization. Currently, Cortex.io provides excellent scoreboards and insights, but having real-time security alerts tied directly to risk levels, with automatic escalation and suggested remediation actions, will make the platform even more powerful in my opinion. This matters because it bridges the gap between observability and active security response, helping prioritize high-severity risks automatically, which can cut down the time spent manually correlating metrics and alerts.

One area for Cortex.io's improvement could be deeper automation and actionable recommendations. For example, the automation prioritization for vulnerabilities by risk could have more remediation actions based on historical issues, and also more security tools for real-time alerts.

I have been using Cortex.io for about five years.

Something I wish I knew before starting that could serve as good advice for others looking into using Cortex.io is to integrate it into your daily workflow. If possible, use it more than just part of your daily routine. I feel that it should be used actively as a decision-making tool and not just for visibility. The scorecards and metrics are powerful, and they are most valuable when teams actively use the insights to prioritize security and operational improvements. I advise others to regularly review scorecards and health metrics and to treat the dashboards as decision-making tools. Collaborate on remediation based on insights, track progress over time, focus on metric improvements, and maintain clear ownership and accountability, as Cortex.io works best when integrated into team processes, leading to better overall improvement. I would rate my overall experience with Cortex.io as an 8 out of 10.

I use Cortex.io  for cloud security to check vulnerabilities and for application security to check misalignments, misconfigurations, and open scanning of vulnerabilities in the environment, in the cloud environment. My main use case for Cortex.io  is cloud security.

The best features Cortex.io offers are the dashboard, which is very detailed, and the fact that you can run different kinds of testing such as application security testing, vulnerability management testing, and cloud security testing, allowing you to see the levels and rankings of how vulnerable those situations are, including the risk factors.

Out of those features, the dashboard stands out as the most valuable to me because it contains all of the information and analytics that is required.

Cortex.io has positively impacted my organization by helping as an accelerator in fixing a bunch of different code reviews and cloud-based systems, and we also use it for client work just to ensure that everything is properly shipped.

The specific outcomes from using Cortex.io include quicker insights represented by numbers and graphs, allowing us to see the severity level, the number of open vulnerabilities, and the number of open tickets, which helps us check which one to resolve first.

For now, I cannot think of how Cortex.io can be improved. I do not have more about the needed improvements, even small things that could make my experience better.

I have been using Cortex.io for about a year.

I would assume Cortex.io is stable.

I think Cortex.io is quite scalable for multiple users depending on the task and demand.

I haven't had to reach out to customer support, so I wouldn't know how it is.

Negative

I did not previously use a different solution.

I am not sure if we purchased Cortex.io through the AWS Marketplace , but it is provided by Palo Alto.

I cannot really tell if we purchased Cortex.io through the AWS Marketplace , but it is provided by Palo Alto.

I have not seen a return on investment, so I cannot share relevant metrics.

I am not sure about my experience with pricing, setup cost, and licensing.

Before choosing Cortex.io, I did not evaluate other options because I did not make the decisions; it was a business decision.

I think Cortex.io is a good space to start.