Many enterprises have adopted a cloud-first policy, moving significant workloads to the cloud. As cloud-native applications grow in complexity and scale – with containers, APIs, microservices, and more, even the most trusted security tools are struggling to keep pace. Organizations have started adopting Cloud Native Application Protection Platforms (CNAPP), which offer streamlined protection for a sprawling cloud environment while simplifying configuration and compliance.

CNAPP is a great starting point for securing cloud environments. However, many of the first generation CNAPP platforms lack context resulting in security teams struggling with data correlation across different tools, making it difficult to prioritize and remediate risks and understand the root cause of security incidents effectively.

Organizations with understaffed security teams will find it overwhelming to handle all the alerts coming from the CNAPP platform resulting in alert fatigue and frustration. While designed to span the entire application lifecycle, some CNAPPs struggle to provide comprehensive security across all stages from development to runtime, leading to potential vulnerabilities.

The next leap forward is Agentic AI – a goal-oriented system that plans work, chooses tools, takes guarded actions, and learns from outcomes. Unlike traditional security AI, which primarily routes and summarizes alerts, Agentic AI operates proactively – addressing complex security workflows and making judgment calls that previously required a human expert. The shift is subtle but profound: fewer dashboards to inspect, more decisions made correctly the first time.

Three dynamics make cloud defense a perfect testbed for agentic systems:

1. Scale & speed: Configurations drift by the minute across accounts/regions/providers.
2. Noise: Vulnerability + telemetry volumes bury meaningful signals.
3. Repeatability: Triage, ticketing, ownership resolution, and template fixes follow predictable patterns.

Benefits emerging in Cloud Security leveraging Agentic AI:

• Context-aware risk prioritization: Evaluate multiple factors such as exploitability, runtime presence, internet exposure, existing mitigating controls, and business criticality.
• Remediation impact simulation: Simulate the implementation of patches, package updates, IaC, and code fixes to identify high-impact, low-effort solutions.
• Root cause analysis: Pinpoint the origin of an issue, tracing it back to the asset, lines of code, IaC tool, and DevOps owner.
• Code generation: Generate replacement code in IaC based on the organization’s infrastructure and policies.
• Identify mitigation options: Analyze cloud security services and guardrails to detect available mitigation measures to reduce the severity of risks.
• Autonomous threat response: Rapidly detect and respond to threats like lateral movement or credential abuse, far outpacing human analysts.
• Autonomous Resolution: Help an organization move from manual alert-and-fix process to autonomous prevention.
• Adaptive risk assessment: Instead of relying on a static set of rules, Agentic AI performs continuous, context-aware risk assessments that adapt to the evolving state of a cloud environment.
• Proactive threat hunting: Move beyond simply reacting to alerts to proactively hunt for unknown threats within your environment.
• Dynamic Access Control: Evaluate real-time risk factors, adjust permissions dynamically, and optimize access control policies.

While full auto-remediation will take a bit more time to develop, Agentic AI gets security and DevOps 90% of the way there. It promises to significantly reduce the burden and operational toil that teams have traditionally faced in closing tickets and resolving issues.

Let’s consider a concrete example, i.e. vulnerability management. In a typical container estate, vulnerability scans identify tens of thousands of potential Common Vulnerabilities and Exposures (CVEs) within container images and their dependencies. However, vast majority of these detected flaws are not present in active memory at runtime. Only a small fraction of these vulnerabilities can be exploited and represent actual security exposure. An Agentic AI system can:

• Filter findings against runtime evidence (CSPM posture, asset criticality).
• Prioritize high-leverage fixes (e.g., patch a base image collapsing whole CVE classes) via policy-driven heuristics.
• Generate remediation guidance mapped to your IaC standards (Terraform).
• Open tickets with owners, rollback plans, and change windows (Jira/ServiceNow).
• Track closure & risk delta in a unified Evidence Graph, proving exposure really dropped.

Outcome: Less debate, more documented end-to-end risk mitigation.

No one should blindly hand the keys to an automated system. Agentic AI earns trust by making its reasoning inspectable: why a risk was prioritized, what change it proposes, which dependencies it considered, and how it measures expected impact. This clarity enables the teams to validate decisions, approve with confidence, and gradually delegate more autonomy where change success rates are high and rollback is safe. Over time, organizations can evolve from manual triage to explainable, progressive automation.

A pragmatic operating model: Four practices to adopt Agentic AI

1. Policy-as-code first. Express identity, network, and data controls in source control. Agents read policies there and write proposed changes back as PRs for human review and auditability.
2. Guardrails over guesswork. Use canary environments, short-lived credentials, and clear separation of duties. High-impact actions remain approval-gated; low-risk classes (e.g., drift reversion) can be auto-executed.
3. Evidence graphs. Unify posture, runtime, identity, and data lineage into a single, query able view so agents can reason over facts, not fragments.
4. Progressive autonomy. Start with “read-only and explain,” move to “approval-gated fixes,” and expand auto-execute only where rollback is proven.

Organizations need not build these AI agents from the ground up. Leading players like Palo Alto Networks offer comprehensive cloud security solutions, having integrated Agentic AI into their Cortex Cloud platform. This platform combines Cloud Native Application Protection Platform (CNAPP) and Cloud Detection and Response (CDR) capabilities, delivering a unified approach to cloud security. Cortex Cloud is designed to stop attacks in real-time through AI-powered prioritization, automated remediation, and a simplified user experience. It also includes features for application security, cloud posture management, and end-to-end remediation across the entire cloud security ecosystem. The offering is available on Cortex XSIAM, making it a preferred SOC platform for enterprise and cloud environments. These solutions are further enhanced by the Infosys Cyber Next platform, which adds significant value for customers through deep integration, contextual intelligence, and operational scalability.

30-60-90 days to value

1. Days 0–30

• Connect cloud accounts to create one trusted view of risk.
• Let agents “watch and explain” only but no auto-fixes.
• Compare agent recommendations to current practice and tune accuracy.

2. Days 31–60

• Plug the agent into CI/CD and ticketing so it proposes PRs with owners, risk context, and rollback plans.
• Keep analysts in the loop for anything that changes access, data paths, or internet exposure.

3. Days 61–90

• Allow auto-execute for pre-approved, low-risk actions that have succeeded repeatedly.
• Expand automation gradually; track change failures and enforce auto rollback.

Minimal metrics that matter: These two metrics reveal whether the program is reducing exposure faster and doing so safely.

1. Time to remediate prioritized risks.
2. Percent of critical findings auto repaired within policy SLAs.

Successful programs don’t boast about “AI adoption”. They show smaller backlogs, fewer escalations, cleaner identities, and faster hardening; especially in the messy middle where most breaches start: misconfigurations, excessive privileges, and unowned assets. Experts spend more time on adversary simulation, architecture improvements, and investigation depth because the repetitive work runs itself, with receipts.

Bottom line

Agentic AI isn’t another dashboard. It’s a way to convert cloud noise into defensible action at machine speed but on human terms. Start narrow, insist on explainability, wire changes through your existing guardrails, and automate only what proves safe. Do that, and you move from reacting to risks to reliably erasing them week after week, release after release.

Author details

Prassanna Rao Rajgopal, Industry Principal, Infosys

Prassanna is a cybersecurity leader with over 21 years of experience. He leads the North America strategic alliance and partnership with Palo Alto Networks, shaping joint go-to-market security offerings, co-innovation and field enablement. His work includes developing cybersecurity roadmaps in collaboration with CISOs and building Security Operations Centers. His expertise spans cybersecurity transformation, service delivery, and alliance-led growth across SOC, Cloud, Identity, and Zero Trust.

Ananda Krishna, Principal Technology Architect, Infosys

Ananda is a Cybersecurity leader with 25 years of experience specializing in Identity and Access Management (IAM), Cloud Security, Zero Trust architectures, and AI/ML-driven Identity Intelligence. He specializes in delivering large-scale transformations that reduce risk, enhance operational efficiency, and align security with business objectives.