Prisma AI 3.0: Comprehensive Security for AI Applications and Agents
Palo Alto Networks announces Prisma AI 3.0, positioning it as the industry's most complete platform for securing AI applications and agents across the enterprise. The platform addresses the expanding attack surface created by AI adoption through four core capabilities: model and artifact scanning (extending vulnerability detection to agent components like MCP servers and tools), AI red teaming using multi-agent architecture to simulate attacker behavior, comprehensive posture management across 12 cloud and SaaS platforms, and runtime security protecting against both traditional threats and emerging AI-specific attacks like prompt injection, model DOS, and tool manipulation. The centerpiece of the announcement is the new AI Agent Gateway, which centralizes security and control plane traffic for all enterprise agents, providing unified agent registry, runtime policy enforcement, identity integration, end-to-end visibility, governance controls, and continuous risk assessment of agents and their artifacts.
Agentic Endpoint Security Through Koi Acquisition Integration
The presentation addresses the security challenges of AI agents running on employee workstations, noting that one in three employees use unsanctioned AI agents including coding assistants and personal productivity tools. While the Koi acquisition is not yet closed, Palo Alto Networks outlines plans to integrate Koi's technology with Prisma Airs to deliver agentic endpoint security across five pillars: discovery of all agent components on managed workstations (agents, tools, skills, plugins, local MCP servers), scanning of software and agent artifacts for vulnerabilities before use, governance to ensure only sanctioned agents operate within policy guardrails, identity and access management for agents as new enterprise identities, and runtime security that scans agentic traffic both locally on endpoints and as it connects to SaaS platforms and third-party MCP servers. The solution addresses supply chain risks (noting one in three MCP servers are susceptible to system takeover), identity risks from developers bypassing enterprise authentication, and runtime risks including indirect prompt injection attacks that could exfiltrate code from third-party repositories.
Prisma Browser Evolution for the Agentic Era
Palo Alto Networks positions the browser as the de facto enterprise workspace and announces the next phase of Prisma Browser designed for agentic capabilities. Building on the Talon acquisition from two and a half years ago, the enhanced browser integrates core security services to stop advanced phishing, malware, malicious agent extensions, and data exfiltration directly in the browser. The new agentic browser capabilities allow organizations to bring their choice of LLM or agent (OpenAI, Gemini, Anthropic) while providing security and governance to protect against runtime threats including tool manipulation, ensuring appropriate guardrails and governance across autonomous agent behaviors. The browser addresses the elevated risks created when agents access passwords, browser history, cache, and sensitive data while performing tasks like researching leads, booking flights, and executing complex workflows on behalf of users.
Quantum Readiness and Digital Trust Through Cryptographic Reset
The presentation frames quantum computing as a 'when not if' threat, with Gartner and McKinsey predicting viable quantum computers capable of breaking standard encryption by the end of the decade. Palo Alto Networks extends its network security platform to provide a path to quantum readiness through three components: discovery providing complete cryptographic visibility and inventory across applications, infrastructure, and endpoints with guided recommendations for quantum safety; protection through quantum-compliant firewalls (hardware, software, Prisma Access, browser) enabling quantum decryption at scale with cryptographic agility as standards evolve; and acceleration allowing legacy applications and endpoints to become quantum-compliant by passing traffic through next-generation firewalls. The platform addresses the parallel challenge of digital trust, noting the CA Browser Forum's reduction of public TLS certificate lifecycles from 398 days to 200 days (and 47 days by 2029). Leveraging Venafi technology from the CyberArk acquisition, the solution combines internet search discovery, third-party integrations, and network-native discovery to provide comprehensive certificate visibility, risk assessment, and automated lifecycle management across firewalls, load balancers, and applications.
