A year ago, we talked about the seismic shift that artificial intelligence (AI) was bringing to business, and how the AI tech stack introduced new risks to the enterprise. But, we didn't just talk about the potential; we showed you. We launched our “Secure AI by Design” portfolio, developed to help enterprises safely build and adopt AI. Since then, the world has seen a proliferation of applications that change how we interact with customers and increase employee productivity.
The threat landscape for AI has also continued to shift and evolve as AI agents are being developed across every industry and business function. These AI agents are being built on SaaS and enterprise platforms, and it’s never been easier to build AI agents; anyone can do it using low-code or no-code platforms and tools. This democratization of AI tools is now a full-blown revolution, and it's taking productivity to a whole new level. But it is also creating unprecedented challenges for security teams to remain ahead of this entirely new threat landscape and security requirements.
The Challenges of Securing AI
AI introduces new, unproven components to your application stack – infrastructure, models, datasets, tools and plugins. And now, AI innovation is accelerating even faster with the introduction of Agents. Unlike LLMs, agents reason, act autonomously and coordinate with other agents. Where LLMs give you the answer, agents give you action. This is bringing new complexity to your environment, and introducing new security risks.
Every new model, every new connection between tools and APIs creates new paths for attackers to exploit. A single malicious prompt can trigger unintended actions, or compromised models can execute harmful logic. AI agents can be misled, manipulated or hijacked – not through exploits in code, but through the very data and decisions they process. That’s because AI isn’t just another tool in your stack: it’s an entirely new attack surface.
The security industry has been trained to fight new threats with old tactics — one point product at a time. One tool for model scanning, another one for posture management and yet another for runtime threat protection. It's an untenable scenario that can leave organizations vulnerable. Enterprises are left stitching together security with duct tape while threats evolve at machine speed. What we end up with is a situation where risks outpace security, creating uncertainties.
Introducing Prisma AIRS
The good news is that there is a better way to secure your AI business transformation: Prisma® AIRS, the world’s most comprehensive AI security platform. It's natively integrated and uses best-in-class security to secure the entire AI attack lifecycle for every AI app, agent, model and dataset your business uses or builds. It empowers organizations to deploy AI bravely knowing that whatever they build is secure.
![Step-1-new.gif]()
Our comprehensive new AI security platform gives you:
- AI Model Scanning – Enable safe adoption of AI models by scanning them for vulnerabilities. Secure your AI ecosystem against risks, such as model tampering, malicious scripts and deserialization attacks.
- Posture Management – Gain insight into security posture risks associated with your AI ecosystem, such as excessive permissions, sensitive data exposure, platform misconfigurations, access misconfigurations and more.
- AI Red Teaming – Uncover potential exposure and lurking risks before bad actors do. Perform automated penetration tests on your AI apps and models using our Red Teaming agent that stress tests your AI deployments, learning and adapting like a real attacker.
- Runtime Security – Protect your LLM-powered AI apps, models and data against runtime threats, such as prompt injection, malicious code, toxic content, sensitive data leak, resource overload, hallucination and more.
- AI Agent Security – Secure agents (including those built on no-code/low-code platforms) against new agentic threats, such as identity impersonation, memory manipulation and tool misuse.
Accelerating AI Security
The announcement today of our intent to acquire Protect AI underscores our commitment to leading the next wave of cybersecurity innovation, and expanding our capabilities to safeguard the expanding attack surface that is emerging from the rapid growth of AI. Protect AI helps ensure security is enforced at every phase of the AI development lifecycle, and will be tightly integrated into our Prisma AIRS platform after the acquisition closes.
This is still just the beginning. After the transaction closes, the combination of Palo Alto Networks® and Protect AI will represent the strongest team in the industry, developing cutting-edge capabilities to secure AI. As AI innovation continues to explode, the combined companies will be well positioned to offer the solutions that customers demand to secure this evolving attack surface. The acquisition remains subject to customary closing conditions, including regulatory approval.
Deploy Bravely with Prisma AIRS
With Prisma AIRS, you can discover, assess and protect every AI app, model, dataset and agent in your environment. As AI reshapes how enterprises operate and how attacks unfold, Prisma AIRS moves just as fast. With our cutting-edge innovations, our customers can embrace the future of AI with Prisma AIRS, our comprehensive AI security platform, built to secure your complete AI lifecycle.
No matter where AI takes your business, we’ve got you covered for the AI era.
Join Palo Alto Networks on April 29 at 2:30 PM PST for a LinkedIn Live event to learn more about how organizations can thrive in an AI-driven world and sign up today to see a demo of the new standard in AI Security – Prisma AIRS.
This blog contains forward-looking statements that involve risks, uncertainties, and assumptions, including, but not limited to, statements regarding the anticipated benefits and impact of the proposed acquisition on Palo Alto Networks and its customers. There are a significant number of factors that could cause actual results to differ materially from statements made in this blog, including, but not limited to: the effect of the announcement of the proposed acquisition on the parties’ commercial relationships and workforce; the ability to satisfy the conditions to the closing of the acquisition; the ability to consummate the proposed acquisition on a timely basis or at all; the ability of Palo Alto Networks to integrate Protect AI’s technology, operations and business; developments and changes in general market, political, economic, and business conditions; failure of our product offerings; failure to achieve the expected benefits of our acquisitions; risks associated with managing our growth; risks associated with new product, subscription and support offerings, including our efforts to leverage AI; shifts in priorities or delays in the development or release of new offerings, or the failure to timely develop and achieve market acceptance of new products and subscriptions as well as existing products, subscriptions and support offerings; failure of our business strategies; rapidly evolving technological developments in the market for security products, subscriptions and support offerings; defects, errors, or vulnerabilities in our products, subscriptions or support offerings; our customers’ purchasing decisions and the length of sales cycles; our competition; our ability to attract and retain new customers; our ability to acquire and integrate other companies, products, or technologies in a successful manner; our debt repayment obligations; and our share repurchase program, which may not be fully consummated or enhance shareholder value, and any share repurchases which could affect the price of our common stock.
Additional risks and uncertainties that could affect our financial results are included under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations" in our Quarterly Report on Form 10-Q filed with the SEC on February 14, 2025, which is available on our website at investors.paloaltonetworks.com and on the SEC's website at www.sec.gov. Additional information will also be set forth in other filings that we make with the SEC from time to time. All forward-looking statements in this blog are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.
Palo Alto Networks, Prisma AIRS, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States or in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. Any unreleased services or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available.