Palo Alto Networks
Palo Alto Networks (NASDAQ: PANW) is one of the largest publicly-traded cybersecurity vendors. Its portfolio is anchored on next-generation firewalls (PAN-OS) and has expanded through acquisition into SASE (Prisma Access), CNAPP (Prisma Cloud, originally RedLock + Dig Security), endpoint and XDR (Cortex), and — beginning 2025 — dedicated AI security under Prisma AIRS.
Core platforms
| Family | Role |
|---|---|
| PAN-OS / Strata | Next-generation firewall and network security |
| Prisma SASE | Secure Access Service Edge — Prisma Access + Prisma SD-WAN |
| Prisma Cloud | CNAPP — incorporates AI-SPM via the Dig Security acquisition |
| Prisma AIRS | Dedicated AI security pillar — runtime, posture, model security, red teaming |
| Cortex | XDR + XSIAM (security analytics + autonomous SOC) |
Acquisitions relevant to AI security
| Acquisition | Year | Brought into Palo Alto |
|---|---|---|
| Dig Security | 2023 | Cloud DSPM → became Prisma Cloud AI-SPM module |
| Protect AI | 2025 | Model scanning (Guardian, ModelScan) → integrated into Prisma AIRS 2.0 (Oct 2025) |
| CyberArk | 2026 | Identity Security Platform (PAM, Conjur secrets management, NHI governance) |
The CyberArk acquisition is the most strategically significant for the agent security space — it pairs Palo Alto’s runtime/network/posture stack with CyberArk’s identity/secrets stack, creating a single-vendor portfolio covering identity → policy → runtime → network → posture → red-team for agentic AI.
Project Glasswing partnership (May 2026)
Palo Alto Networks is a named launch partner in Project Glasswing (Anthropic coalition initiative). Lee Klarich (Chief Product & Technology Officer) is the quoted executive, with the canonical wiki citation on the AI-attacker threat reframing: “There will be more attacks, faster attacks, and more sophisticated attacks. Now is the time to modernize cybersecurity stacks everywhere.” The quote directly supports the SDLC in the AI-Attacker Era thesis.
Notable 2025–2026 events
- April 28, 2025 — Prisma AIRS launched
- August 2025 — Portkey integration with Prisma AIRS
- October 29, 2025 — Prisma AIRS 2.0 GA, integrating Protect AI; agent-lifecycle protection expanded
- 2026 — CyberArk acquisition announced (~$25B)
Unit 42 — threat research arm
Unit 42 is Palo Alto Networks’ threat-intelligence and incident-response group. Two Unit 42 publications anchor the agentic-AI security material in this wiki:
| Publication | Date | Type | Wiki page |
|---|---|---|---|
| AI Agents Are Here. So Are the Threats. (Jay Chen, Royce Lu) | 2025-05-01 | Lab study — 9 framework-agnostic attack scenarios on CrewAI + AutoGen with open-source reference impl | paper page |
| In-the-wild prompt injection observations (22 distinct techniques) | 2026-03-03 | Production telemetry from PAN customer base | incident page |
Together: lab evidence (May 2025) + production-telemetry confirmation (March 2026) for the same indirect-prompt-injection attack class. Unit 42 also operates the AI Security Assessment consulting offering and the Unit 42 Incident Response team.
Wiki references
- Palo Alto Prisma AIRS — primary AI security product page
- CyberArk — acquired identity-security vendor
- Dongdong Sun, Mohamed Nabeel — Palo Alto researchers (Senior Staff ML Engineer, Sr Principal Researcher)
- Unit 42 — AI Agents Are Here. So Are the Threats. — lab study
- Unit 42 — In-the-Wild Prompt Injection Observations — production telemetry
- RA — Prisma AIRS appears in Runtime, Egress, Data, and Observability planes