* [Blog](https://www2.paloaltonetworks.com/blog)
* [Cloud Security](https://www2.paloaltonetworks.com/blog/cloud-security/)
* [Cloud Infrastructure Entitlement Management](https://www2.paloaltonetworks.com/blog/cloud-security/category/cloud-infrastructure-entitlement-management/)
* Cortex Cloud Named Leader...

# Cortex Cloud Named Leader and Outperformer in the 2026 GigaOm Radar for CIEM

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fgigaom-radar-ciem-cortex-cloud-leader-2026%2F)  
[](https://twitter.com/share?text=Cortex+Cloud+Named+Leader+and+Outperformer+in+the+2026+GigaOm+Radar+for+CIEM&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fgigaom-radar-ciem-cortex-cloud-leader-2026%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fgigaom-radar-ciem-cortex-cloud-leader-2026%2F&title=Cortex+Cloud+Named+Leader+and+Outperformer+in+the+2026+GigaOm+Radar+for+CIEM&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/cloud-security/gigaom-radar-ciem-cortex-cloud-leader-2026/&ts=markdown)  
\[\](mailto:?subject=Cortex Cloud Named Leader and Outperformer in the 2026 GigaOm Radar for CIEM)  
Link copied  
By [David Trigano](https://www.paloaltonetworks.com/blog/author/david-trigano/?ts=markdown "Posts by David Trigano") and [Andrea Halsted](https://www.paloaltonetworks.com/blog/author/andrea-halsted/?ts=markdown "Posts by Andrea Halsted")  
Mar 05, 2026  
4 minutes  
[Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-infrastructure-entitlement-management/?ts=markdown)  
[Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown)  
[IAM](https://www.paloaltonetworks.com/blog/cloud-security/category/iam-2/?ts=markdown)  
[Identity Security](https://www.paloaltonetworks.com/blog/cloud-security/category/identity-security/?ts=markdown)  
[Analyst Report](https://www.paloaltonetworks.com/blog/tag/analyst-report/?ts=markdown)

In today's cloud environments, identity is the new security perimeter.

A new generation of cloud services, automated workflows and AI-integrated applications is driving an explosion of nonhuman identities --- service accounts, APIs keys, OAuth tokens and roles that require persistent access to operate. These identities outnumber human users and frequently run with elevated privileges, creating a rapidly expanding attack surface that traditional security controls were not designed to govern.

Cloud risk doesn't become material until an identity can exploit it. In large multicloud environments, thousands of roles, service principals and machine identities inherit permissions through nested policies and cross-account trusts. Effective access often bears little resemblance to intended access. CIEM provides the missing layer of exploitability context inside CNAPP, calculating who can reach sensitive resources, exposing toxic permission paths and shrinking blast radiuses before attackers can leverage valid credentials. Without entitlement intelligence, posture findings remain isolated signals. With it, security teams can prioritize and remediate based on real access risk.

Palo Alto Networks Cortex Cloud^TM^ has been named a **Leader and an Outperformer in the 2026 GigaOm Radar for Cloud Infrastructure Entitlement Management (CIEM)**, positioned in the Innovation / Platform Play quadrant. The recognition reflects both the maturity of Cortex Cloud Identity Security and the importance of CIEM as a foundational capability for securing modern multicloud environments.

## Why CIEM Is Foundational to the Modern CNAPP

Identity has become the primary pathway attackers use to move through cloud environments. Recent incident response data shows [identity weaknesses involved in nearly 90% of investigations](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report), with a majority of initial access relying on stolen credentials, hijacked sessions or the abuse of excessive privileges. Attackers log in rather than break in, using legitimate access to move laterally while avoiding traditional detection controls.

In large multicloud estates, entitlements continuously expand as new services are deployed and third-party integrations are added. Identities tend to accumulate permissions that extend well beyond original purposes. Dormant accounts persist and cross-account trusts multiply. Privilege inheritance through nested policies makes effective access difficult to understand.

Nonhuman identities, often operating with elevated privileges and far outnumbering human users, amplify the problem. Ephemeral resources, too, present challenges, as the permissions granted to them can persist indefinitely, leaving invisible access pathways across the environment.

Without CIEM, security teams lack the context to understand how identities, permissions and resources connect, which makes it difficult to reconstruct attack paths. CIEM provides continuous visibility into who --- or what --- can access critical assets. Organizations can now enforce least-privilege and piece together the full risk story across their cloud ecosystem.

![GigaOm Radar CIEM 2026](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/03/word-image-353613-1.png)

## Key Highlights from the GigaOm CIEM Report

GigaOm recognized Cortex Cloud for strong performance in the capabilities that most directly reduce identity-driven risk in complex multicloud environments:

* **AI-Driven Detection of Identity Threats:** Identify compromised credentials, privilege escalation and abnormal access patterns early using machine learning--based behavioral analysis across cloud environments.
* **Continuous Governance of Permissions:** Maintain control over identity sprawl by tracking entitlements throughout their lifecycle, uncovering dormant accounts, orphaned privileges and policy violations before they can be exploited.
* **Audit-Ready Compliance at Scale:** Demonstrate continuous compliance with major regulatory frameworks through automated monitoring, immutable audit trails and approval workflows that govern configuration changes.

## One Platform to Control Identity Risk in the Modern Cloud

Beyond individual capabilities, the report highlights the importance of integrated solutions. Organizations increasingly seek platforms that [correlate identity risk with misconfigurations, vulnerabilities and runtime threats](https://www.paloaltonetworks.com/state-of-cloud-native-security) across cloud environments.

"Cortex Cloud delivers cloud infrastructure entitlement management through a unified data lake architecture that consolidates identity security with CNAPP capabilities across AWS, Microsoft Azure and GCP." --- GigaOM

[Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management) offers CIEM as part of a unified code-to-cloud-to-SOC platform, combining identity security with posture management, data security, threat detection and compliance capabilities. This integration enables security teams to prioritize risk based on real impact rather than isolated findings.

## Advancing Identity Security for the Cloud and AI Era

Identity governance is foundational to securing today's cloud. As infrastructure becomes more dynamic and machine identities proliferate, organizations need continuous visibility and automated controls to prevent identity gaps from becoming cloud ecosystem entry points.

Recognition as a Leader and Outperformer in the 2026 GigaOm CIEM Radar reflects Cortex Cloud's ability to address modern challenges while supporting the broader goal of securing innovation across the entire lifecycle, from development through operations.

Read the [GigaOm Radar for Cloud Infrastructure Entitlement Management Report 2026](https://start.paloaltonetworks.com/gigaom-ciem.html) to see how leading platforms approach entitlement risk --- and why Cortex Cloud was recognized as a Leader and Outperformer.

*** ** * ** ***

## Related Blogs

### [CIEM](https://www.paloaltonetworks.com/blog/cloud-security/category/ciem-2/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [IAM](https://www.paloaltonetworks.com/blog/cloud-security/category/iam-2/?ts=markdown), [Identity Security](https://www.paloaltonetworks.com/blog/cloud-security/category/identity-security/?ts=markdown), [KSPM](https://www.paloaltonetworks.com/blog/cloud-security/category/kspm/?ts=markdown)

[#### Turning Kubernetes Last Access to Kubernetes Least Access Using KIEMPossible](https://www2.paloaltonetworks.com/blog/cloud-security/kubernetes-identity-security-kiempossible/)

### [Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-infrastructure-entitlement-management/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Identity Security](https://www.paloaltonetworks.com/blog/cloud-security/category/identity-security/?ts=markdown)

[#### Microsoft Entra Permissions Management to Retire: Why the Time for a Vendor-Neutral CIEM Is Now](https://www2.paloaltonetworks.com/blog/cloud-security/ciem-essential-mepm-retired/)

### [AI Security](https://www.paloaltonetworks.com/blog/cloud-security/category/ai-security/?ts=markdown), [AI-SPM](https://www.paloaltonetworks.com/blog/cloud-security/category/ai-spm/?ts=markdown), [CIEM](https://www.paloaltonetworks.com/blog/cloud-security/category/ciem/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [DSPM](https://www.paloaltonetworks.com/blog/cloud-security/category/dspm/?ts=markdown), [Identity Security](https://www.paloaltonetworks.com/blog/cloud-security/category/identity-security/?ts=markdown)

[#### Is AI a New Challenge for Cloud Security? Yes and No.](https://www2.paloaltonetworks.com/blog/cloud-security/ai-security-gap-cloud-models-agents/)

### [CIEM](https://www.paloaltonetworks.com/blog/cloud-security/category/ciem-2/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [DSPM](https://www.paloaltonetworks.com/blog/cloud-security/category/dspm/?ts=markdown), [IAM](https://www.paloaltonetworks.com/blog/cloud-security/category/iam-2/?ts=markdown)

[#### All Paths Lead to Your Cloud: A Mapping of Initial Access Vectors to Your AWS Environment](https://www2.paloaltonetworks.com/blog/cloud-security/aws-initial-access-cloud-perimeter-security/)

### [CIEM](https://www.paloaltonetworks.com/blog/cloud-security/category/ciem-2/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [IAM](https://www.paloaltonetworks.com/blog/cloud-security/category/iam-2/?ts=markdown)

[#### Regaining Control Over Identity and Access](https://www2.paloaltonetworks.com/blog/cloud-security/cloud-vs-on-premises-permissions-ciem/)

### [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [IAM](https://www.paloaltonetworks.com/blog/cloud-security/category/iam/?ts=markdown), [IAM](https://www.paloaltonetworks.com/blog/cloud-security/category/iam-2/?ts=markdown)

[#### Stories from the Darkside: A Set of Stolen Access Keys and a Complete Cloud Takeover](https://www2.paloaltonetworks.com/blog/cloud-security/preventing-cloud-takeover-access-keys/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language