Palo Alto Networks this week at the RSA Conference unveiled its Prisma AIRS AI security platform that the company says is designed to protect the developing enterprise AI ecosystem from attacks.
As enterprise companies embrace AI, they must also protect their environments and AI initiatives from security blind spots, risks, and vulnerabilities. AI represents a new attack surface for malicious actors, and enterprises need new approaches to secure components across their environments. An AI security platform will provide customers with the tools needed to prevent security incidents as customers deploy agents, apps, models, and more in their environments, according to Palo Alto Networks.
Part of Palo Alto’s Secure AI by Design portfolio, Prisma AIRS promises to secure the AI attack lifecycle for every AI app, agent, model, and dataset a business uses or builds. “It empowers organizations to deploy AI bravely knowing that whatever they build is security,” said Anand Oswal, senior vice president and general manager of Network Security at Palo Alto Networks, in a blog detailing the product news.
Capabilities of Prisma AIRS include AI model scanning, which enables enterprises to safely adopt AI models by scanning them for vulnerabilities and secure the “AI ecosystem” against risks such as model tampering, malicious scripts, and deserialization attacks. Posture management provides enterprises with insight into their security posture as related to the AI ecosystem and exposes risks such as excessive permissions, sensitive data exposure, platform misconfigurations, and access misconfigurations.
Other capabilities include AI Red Teaming, which helps enterprises uncover potential exposure and risks before malicious attackers do. This feature lets enterprises perform automated penetration tests on their AI apps and models using the Red Teaming agent, which stress tests the AI deployments. Prisma AIRS also includes runtime security to protect large language model (LLM) AI apps, models, and data against threats such as prompt injection, malicious code, toxic content, sensitive data leaks, resource overload, and hallucination. And AI Agent Security provides protection against agentic threats such as identity impersonation, memory manipulation, and tool misuse.
“With Prisma AIRS, you can discover, assess and protect every AI app, model, dataset and agent in your environment. As AI reshapes how enterprises operate and how attacks unfold, Prisma AIRS moves just as fast,” Oswal stated.
He also wrote that Prisma AIRS will be enhanced by the company’s recently announced intent to acquire Protect AI, which will help Palo Alto deliver necessary AI security capabilities to its customers faster, according to William Blair Equity Research Analyst Jonathan Ho.
“Protect AI was founded in 2020 and has emerged as a leading player in addressing AI-specific security challenges, like model manipulation or data poisoning, with purpose-built solutions,” Ho wrote in a recent research brief. “In our view, Palo Alto Networks’ acquisition and integration of Protect AI’s technology and expertise strengthens the company’s AI security portfolio and accelerates the development of its own AI security framework.”
Palo Alto also used RSA to introduce new features in its Prisma SASE product, including the Prisma Access Browser 2.0.
“A secure browser extends SASE protection to where knowledge workers spend most of their time, securing third-party access, supporting BYOD, and reducing an organization’s reliance on legacy infrastructure like VDI,” said John Grady, principal analyst at Enterprise Strategy Group, now part of Omdia, in a statement. “Palo Alto Networks’ unique approach of integrating its Prisma Access Browser with Prisma SASE helps organizations extend the same protection from advanced threats, user experience monitoring, and genAI app protection from the network into the browser, ensuring users are protected, efficient, and productive.”
The secure access service edge (SASE) secure browser includes new capabilities that now:
- Help secure generative AI adoption with real-time visibility, access control, and user coaching to secure sensitive data at the last mile with LLM-powered context-based classification preventing unintentional leaks or breaches.
- Provide protection to detect evasive and targeted attacks such as AI-generated cloaking and SaaS-hosted phishing attacks such as evasive AI-generated code and malicious injection into compromised websites, which cannot be detected outside of a browser.
- Enable enterprises to easily launch legacy infrastructure such as VDI application from the same browser for a unified experience.
- Improve shadow data discovery and data classification accuracy and provide proactive measures against insider threats to safeguard sensitive information.
- Expand support for new productivity apps and extend user-to-app performance to the branch with integration into Prisma SD-WAN.
- Simplify the IT experience with a unified agent for SASE use cases.
“Secure browsers are absolutely essential for the modern workforce because today’s work is increasingly remote, cloud-based, and data-intensive,” Oswal stated.“This shift demands a unified, modern approach to security—a SASE natively integrated secure browser—that uniquely safeguards productivity, helps ensure resilience, and does so with a seamless user experience, making it the optimal choice for securing today’s dynamic work environments.”
Lastly, the vendor announced it had updated its security operations platform with Cortex XSIAM 3.0, which will lets customers stop attacks at scale using AI-driven threat defense with Cortex Exposure Management and Advanced Email Security. Palo Alto says this product will help enterprises cut vulnerability noise by up to 99% with AI-powered prioritization and automated remediation. Other features let enterprises:
- Uncover risks across native network, endpoint, and cloud scanners.
- Use AI to prioritize high-risk, exploitable vulnerabilities with no compensating controls, eliminating false alarms.
- Automate remediation across first- and third-party tools with playbook automation.
- Detect advanced phishing and email-based threats with LLM-powered analytics.
- Remove malicious emails, disable compromised accounts, and isolate affected endpoints with workflow automation.
“Discovering the capabilities of Cortex XSIAM was a game-changer for the State of Louisiana. It’s helped us to modernize our security infrastructure and set an example for other states to follow,” Chase Hymel, CISO of the State of Louisiana, said in a statement. “By adopting XSIAM, we have significantly improved threat visibility and response effectiveness. Cortex XSIAM has allowed us to consolidate our security tools into one integrated platform, enhancing our security operations and protecting citizen data effectively. We have reduced MTTR from over 24 hours to under two minutes and automated the resolution of 86% of incidents.”
These product updates point to Palo Alto Networks’ plans to secure AI and AI-driven environments, industry watchers say.
“Also, Palo Alto Networks rolled out Cortex XSIAM 3.0, the latest evolution of its AI-driven security operations platform with the addition of proactive exposure management and advanced email security capabilities. These strategic moves all revolve around leveraging AI to strengthen the company’s security offerings while aiming to lead in security AI itself,” William Blair Research Equity’s Ho said.