Reading view

Securing and Governing AI Agents At Scale Through A Unified AI Gateway

Palo Alto Networks Completes Acquisition of Portkey

We are pleased to announce that Palo Alto Networks has officially completed the acquisition of Portkey. 

We are moving from vision to reality by integrating Portkey’s pioneering AI Gateway directly into the fabric of the Palo Alto Networks product portfolio. Prisma AIRS AI Gateway will provide a unified vantage point to secure and govern AI agents at scale, offering a mission-critical control plane to identify, authenticate and authorize every agentic interaction in real time.  

We are delivering the industry’s most comprehensive security and unified control framework for the agentic enterprise, enabling our customers to scale autonomous AI workloads with complete confidence.

The era of the AI Enterprise has arrived. Today, 81% of enterprises are piloting the use of AI agents or have fully implemented AI agent solutions. We aren't just talking about smart chatbots. We are talking about autonomous agents that execute.

By leveraging APIs and MCP servers, these agents navigate complex workflows, access sensitive data and make real-time, business-critical decisions. The question is no longer if companies will adopt AI agents, but how to securely operationalize them without putting the brakes on innovation. 

The Challenge: Expanding Attack Surfaces

AI agents are creating a new and largely invisible attack surface. The risk is not just their independence, but the lack of visibility and accountability. Without a centralized enforcement layer for operational and security controls, every team that deploys an agent may unintentionally expose the enterprise to unauthorized data access and heightened security risks.

To solve this, Palo Alto Networks is redefining security for the agentic era. We recently introduced Prisma AIRS™ 3.0, the industry’s first platform to secure the entire agentic AI lifecycle. Portkey's acquisition accelerates that momentum.

The Prisma AIRS AI Gateway: From Chaos to Control 

Portkey's AI Gateway will be integrated into Prisma AIRS to deliver the unified control plane that enterprises need to operationalise and secure AI apps and agents at scale.

Moving from “chaos to control” requires a centralized approach to governance. Currently, many AI initiatives are hindered by fragmented security and a lack of oversight. The AI Gateway solves this by providing a unified vantage point where organizations can enforce consistent policies across all models and agents, ensuring every interaction is identified, authenticated and authorized in real time within a single governing framework.

The Prisma AIRS AI Gateway will establish a mission-critical control plane for the agentic enterprise, enabling teams to move autonomous workloads from development into at-scale production with confidence. With operational features like a unified API to LLMs, an agent registry, semantic routing and caching, the AI Gateway equips enterprises with complete control in one platform. By serving as a centralized enforcement point at the center of Prisma AIRS for all agent traffic, the AI Gateway will provide critical security functions, including Agent Artifact scanning, automated Red Teaming and Runtime Security needed to monitor behavior, route requests and mitigate risks in real time. Crucially, the AI Gateway will reinforce Agent Identity Security via Idira (formerly CyberArk), applying strict protocols to ensure every autonomous action is authenticated and governed by least-privilege controls.

Our vision is for the Prisma AIRS AI Gateway to serve as the industry blueprint for enterprises in the agentic era. By making security a foundational component of the operational lifecycle, we are empowering enterprises to build and govern an AI ecosystem that is secure by design.

 

Secure All Agents with the Prisma AIRS AI Gateway

 

Why Portkey? The Pioneer in AI Gateways

  • Battle-Tested: Portkey’s AI Gateway is already supporting the demands of the modern enterprise, at scale, with several Fortune 500 customers, processing trillions of tokens per month with the low latency that is required for agent-to-agent communication. This ensures that agentic security does not come at the cost of developer speed or application performance. 
  • Architectural Simplicity: Portkey offers plug-and-play capabilities with just three lines of code required to implement the AI Gateway. The AI Gateway, powered by unified APIs, also provides secure access to over 3,000 LLMs, MCP servers and agents, giving enterprises a flying start to building and executing with AI agents.
  • Better Together: Palo Alto Networks and Portkey’s joint vision is to make Prisma AIRS the most ubiquitous platform for AI security. With exceptional AI security by Palo Alto Networks combined with Portkey’s AI Gateway, we will offer a comprehensive AI Security platform.

Prisma AIRS comprehensive AI App and agent security platform.

What’s Next?

The era of AI Enterprises is here. We’re making sure it is secure by design. The complexity of managing agents and securing them has long created friction in enterprises. With the integration of Portkey into Prisma AIRS, we will remove the trade-off between agent autonomy and authority. We are ensuring that as businesses accelerate into the era of autonomous agents, the security architecture isn’t just keeping up, it is setting the pace. 

Learn more about Prisma AIRS - the world’s most comprehensive AI security platform.

Forward-Looking Statements

This blog contains forward-looking statements that involve risks, uncertainties, and assumptions, including, but not limited to, statements regarding the anticipated benefits and impact of the acquisition of Portkey on Palo Alto Networks, Portkey and their customers. There are a significant number of factors that could cause actual results to differ materially from statements made in this blog, including, but not limited to: risks related to disruption of management time from ongoing business operations due to the acquisition and the integration of Portkey and other recent acquisitions; our ability to effectively operate Portkey's operations and business, integrate Portkey’s business and products into our products, and realize the anticipated synergies in the transaction in a timely manner or at all; changes in the fair value of our contingent consideration liability associated with acquisitions; developments and changes in general market, political, economic and business conditions; failure of our platformization product offerings; risks associated with managing our growth; risks associated with new product, subscription and support offerings; shifts in priorities or delays in the development or release of new product or subscription or other offerings or the failure to timely develop and achieve market acceptance of new products and subscriptions, as well as existing products, subscriptions and support offerings; failure of our product offerings or business strategies in general; defects, errors, or vulnerabilities in our products, subscriptions or support offerings; our customers’ purchasing decisions and the length of sales cycles; our ability to attract and retain new customers; developments and changes in general market, political, economic, and business conditions; our competition; our ability to acquire and integrate other companies, products, or technologies in a successful manner; our debt repayment obligations; and our share repurchase program, which may not be fully consummated or enhance shareholder value, and any share repurchases which could affect the price of our common stock.

Additional risks and uncertainties that could affect our financial results are included under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations" in our Quarterly Report on Form 10-Q filed with the SEC on February 18, 2026, which is available on our website at investors.paloaltonetworks.com and on the SEC's website at www.sec.gov. Additional information will also be set forth in other filings that we make with the SEC from time to time. All forward-looking statements in this blog are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

The post Securing and Governing AI Agents At Scale Through A Unified AI Gateway appeared first on Palo Alto Networks Blog.

  •  

Winning the AI Race Starts with the Right Security Platform

Every CIO and CISO we speak with describes the same paradox: AI is now central to their transformation agenda, yet the fastest way to derail that agenda is to lose control of AI. As generative AI, agentic systems and embedded AI features spread across the enterprise, leaders are no longer asking if they need AI security; they’re asking what kind of AI security strategy will actually scale.

Gartner® has published two recent reports that validate this reality and outline the strategic direction enterprises must take to secure their AI:

Why AI Security Is a Platform Game

Point products can plug individual gaps, but they can’t keep up with the speed, complexity and interconnected nature of AI adoption. And more importantly, they struggle to deliver the trust, consistency or scale AI transformation requires.

Many organizations are already experiencing AI adoption outpacing traditional security tools. Security teams are under pressure on three fronts:

  • Risk – Shadow AI, unmanaged agents and custom LLMs create new pathways for data loss, intellectual property exposure and model misuse.
  • Cost – Each new AI use case brings yet another tool, driving up license, integration and operations costs.
  • Complexity – Fragmented controls across network, data, identity and application stacks create blind spots exactly where AI is moving fastest.

From a CIO or CISO’s perspective, this isn’t just a technical concern but the fault line beneath their entire AI agenda. CIOs are under pressure to deliver productivity gains, cost efficiencies and new AI-powered capabilities faster than ever before.

CISOs, on the other hand, see a parallel reality: custom-built AI applications that may be insecure by default, agents that can act unpredictably, and a constant risk that company secrets or customer data could leak into third-party GenAI tools.

If AI moves forward without security, the enterprise is exposed. If AI slows down because security can’t keep up, the business misses its transformation goals. This is why AI security isn’t a feature; it’s the determining factor in whether AI becomes a competitive advantage or a strategic setback.

Gartner recommends the path forward as “an integrated modular AI security platform (AISP) with a common UI, data model, content inspection engine and consistent policy enforcement.”

Gartner further recommends prioritizing investments in two phases.

Phase 1

Start with AI usage control to secure the consumption of third-party AI services.

Phase 2

Expand into AI application protection to securely develop and run AI applications.

Phase 1: Securing Generative AI Usage Is the “Right Now” Challenge

Before enterprises can secure how AI is developed, they must first understand how it is already being used across the organization. The earliest risks often emerge not from the AI-enabled apps built in-house, but from the external generative AI tools and copilots employees adopt, and often without the IT teams’ knowledge.

That’s why we think the report identifies AI usage control as phase one and why we recommend IT leaders start with these immediate questions to assess their organization’s AI usage.

  • Where is AI actually being used in my organization?
  • Which tools, copilots and agents are in play, and on what data?
  • How do I enable productivity without losing control?

Phase 2: Securing AI Development Early Into the AI Lifecycle

Once public generative AI use is understood, the harder challenge emerges: Securing the AI apps and tools that your organization creates for itself. As models, agents and pipelines move into production, the questions shift from visibility to integrity, safety and scale.

Key questions that organizations must answer in phase two include:

  • What AI applications, models and agents are my teams building, and where do they live?
  • How do I manage the integrity, safety and compliance of AI apps before they reach production?
  • How do I protect models and AI applications from prompt injection, misuse or agentic threats?
  • How do I scale AI innovation without creating security bottlenecks for developers?

Palo Alto Networks Delivers the AI Security Platform

Although organizations can separate the work around securing AI usage and AI development, they are not two separate problems. The same organization that needs visibility into employees using public GenAI apps also needs to protect the AI applications and agents they’ve built as they move into production. A platform approach is what allows shared policies, shared guardrails and shared context across both sides of the AI usage and development equation.

That is exactly the philosophy behind our Secure AI by Design approach:

  • Secure how GenAI is used with Prisma® Browser™ and Prisma SASE to discover AI tools in use, govern access and prevent sensitive data from flowing into public models, all while keeping users productive with GenAI and enterprise copilots.
  • Secure how AI is built with capabilities of Prisma AIRS™, such as model and agent security, AI security posture management, runtime protection, automated testing with AI Red Teaming, as well as coverage for agentic protocols, like MCP, securing custom AI applications, agents and pipelines.

Gartner identifies Palo Alto Networks as “the company to beat” in their newly released report as of December 8, 2025: “AI Vendor Race: Palo Alto Networks Is the Company to Beat in AI Security Platforms.”

We believe we are the AI Security Platform to beat because:

  • Palo Alto Networks product portfolio across network, edge, cloud and data provides a strong foundation for AI usage visibility and control.
  • The acquisition of Protect AI integrated industry-leading AI talent and products resulting in the recently announced Prisma AIRS 2.0, which delivers comprehensive end-to-end AI security, seamlessly connecting deep AI agent and model inspection in development with real-time agent defense at production runtime. The platform, continuously validated by autonomous AI red teaming, secures all interactions between AI models, agents, data and users. This gives enterprises the confidence to discover, assess and protect their entire AI ecosystem, accelerating secure innovation.
  • Complementing the platform, Unit 42®’s deep expertise and Huntr’s bug bounty program, provide security thought leadership that directly improves product effectiveness and threat intelligence. These programs help us continuously uncover new attack patterns, misconfigurations and supply chain risks unique to AI systems, as well as feed those insights directly back into the product roadmap.
  • Our large installed base and distribution channels create a flywheel for AI security platform adoption and learning from our customers and partners.

We also believe that underneath the technical requirements is a deeper truth: CIOs and CISOs want to move fast on AI, but they only feel safe doing so with a partner who has the scale, signal and staying power. This is where our breadth, research depth and ecosystem matter.

Leading Responsibly Means Listening, Innovating and Evolving

Being early is an advantage, but staying ahead requires humility and continuous learning. Leading means seeing what comes next, and Gartner’s insights accelerate our own roadmap as we continue to evolve.

  • Simplifying the Experience: We are integrating capabilities across Prisma AIRS, Prisma SASE and Prisma Browser to make AI security easier to adopt, operate and scale through Strata™ Cloud Manager as the single entry point.
  • Going Deeper into the AI Engineering Pipeline: We recognize that securing AI must start early in the developing environment and ML pipeline, not just at runtime. Our integrations with AI development tools and code repositories will continue to expand.
  • Keeping Pace with a Fast-Moving Market: We are investing in open standards, partnerships and research, so our customers don’t have to chase every point solution that appears. Palo Alto Networks is also a contributing member to OWASP Standards and Threat analysis to help create an industry standard on AI security.
  • Working Along Native AI Controls: Cloud providers and AI platforms are adding their own security features. We aim to complement, not replace, those controls, providing unified visibility, advanced protection and consistent policies across a fragmented AI landscape.

For us, being “the company to beat” is not a finish line. It’s a responsibility to listen carefully to customers, adapt as AI evolves, and keep delivering practical, integrated outcomes rather than isolated features.

If you are a GM, CIO, CISO or AI leader trying to make sense of a rapidly crowding AI security landscape, we believe “GMs: Win the AI Security Battle With an AI Security Platform”​​ is essential reading.

In the end, the real race isn’t about features; it’s about who helps enterprises accelerate transformation safely, reduce risk and compete better with AI they can trust.

 

Disclaimer: Gartner does not endorse any company, vendor, product or service depicted in its publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this publication, including any warranties of merchantability or fitness for a particular purpose.

Gartner, AI Vendor Race: Palo Alto Networks is the Company to Beat in AI Security Platforms, By Mark Wah, Neil MacDonald, Marissa Schmidt, Dennis Xu, Evan Zeng, 8 December 2025. 

Gartner, GMs: Win the AI Security Battle With an AI Security Platform, By Neil MacDonald, Tarun Rohilla, 6 October 2025.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

The post Winning the AI Race Starts with the Right Security Platform appeared first on Palo Alto Networks Blog.

  •  
❌