Palo Alto Networks

Palo Alto Networks (NASDAQ: PANW) is one of the largest publicly-traded cybersecurity vendors. Its portfolio is anchored on next-generation firewalls (PAN-OS) and has expanded through acquisition into SASE (Prisma Access), CNAPP (Prisma Cloud, originally RedLock + Dig Security), endpoint and XDR (Cortex), and, beginning 2025, dedicated AI security under Prisma AIRS.

Core platforms

FamilyRole
PAN-OS / StrataNext-generation firewall and network security
Prisma SASESecure Access Service Edge: Prisma Access + Prisma SD-WAN
Prisma CloudCNAPP: incorporates AI-SPM via the Dig Security acquisition
Prisma AIRSDedicated AI security pillar: runtime, posture, model security, red teaming
CortexXDR + XSIAM (security analytics + autonomous SOC)

Acquisitions relevant to AI security

AcquisitionYearBrought into Palo Alto
Dig Security2023Cloud DSPM → became Prisma Cloud AI-SPM module
Protect AI2025Model scanning (Guardian, ModelScan) → integrated into Prisma AIRS 2.0 (Oct 2025)
CyberArk2026Identity Security Platform (PAM, Conjur secrets management, NHI governance)

The CyberArk acquisition is the most strategically significant for the agent security space. It pairs Palo Alto’s runtime/network/posture stack with CyberArk’s identity/secrets stack, creating a single-vendor portfolio covering identity → policy → runtime → network → posture → red-team for agentic AI.

Project Glasswing partnership (May 2026)

Palo Alto Networks is a named launch partner in Project Glasswing (Anthropic coalition initiative). Lee Klarich (Chief Product & Technology Officer) is the quoted executive, with the canonical wiki citation on the AI-attacker threat reframing: “There will be more attacks, faster attacks, and more sophisticated attacks. Now is the time to modernize cybersecurity stacks everywhere.” The quote directly supports the SDLC in the AI-Attacker Era thesis.

Notable 2025–2026 events

  • April 28, 2025: Prisma AIRS launched
  • August 2025: Portkey integration with Prisma AIRS
  • October 29, 2025: Prisma AIRS 2.0 GA, integrating Protect AI; agent-lifecycle protection expanded
  • 2026: CyberArk acquisition announced (~$25B)

Unit 42 — threat research arm

Unit 42 is Palo Alto Networks’ threat-intelligence and incident-response group. Two Unit 42 publications anchor the agentic-AI security material in this wiki:

PublicationDateTypeWiki page
AI Agents Are Here. So Are the Threats. (Jay Chen, Royce Lu)2025-05-01Lab study: 9 framework-agnostic attack scenarios on CrewAI + AutoGen with open-source reference implpaper page
In-the-wild prompt injection observations (22 distinct techniques)2026-03-03Production telemetry from PAN customer baseincident page

Together: lab evidence (May 2025) + production-telemetry confirmation (March 2026) for the same indirect-prompt-injection attack class. Unit 42 also operates the AI Security Assessment consulting offering and the Unit 42 Incident Response team.

Unit 42 Frontier AI Defense (2026) is an expert-led service built on Claude Opus: it finds hidden vulnerabilities, maps how they chain into critical attack paths, and builds a hardening roadmap against AI-enabled attacks, paired with a benchmarked machine-speed-defense blueprint and hands-on transformation work. In internal testing it compressed a year’s worth of penetration-testing effort into under three weeks (see the Opus partner ecosystem). SVP Sam Rubin: “As attackers weaponize frontier models to automate cyberattacks, the defense must move faster.”

Wiki references