Palo Alto Networks has released Prisma AIRS 3.0, the latest version of its AI security platform, as enterprises move from using AI for assistance to deploying autonomous agents that can act on their own. In its announcement, the company said the product is designed to secure the full agentic AI lifecycle, covering discovery, risk assessment and runtime protection.
Palo Alto Networks said Prisma AIRS 3.0 is intended to close that gap by identifying AI agents, models and connections across cloud, SaaS and endpoint environments, then applying policy and protection across deployment stages.
The company said the platform brings together several functions under one system rather than relying on separate tools. Those functions include Agent Artifact Security, which maps an agent’s architecture and scans for weaknesses; AI Red Teaming, which simulates agent-specific attacks; and an AI Agent Gateway, which is currently in limited preview and is meant to enforce runtime, identity and governance controls. Palo Alto Networks also said Agentic Endpoint Security will follow the proposed Koi acquisition, extending visibility to endpoint-based AI applications such as coding agents.
Anand Oswal, Executive Vice President of AI & Network Security, Palo Alto Networks, said, “Agentic AI represents a massive leap forward, moving beyond simple conversation to autonomous action that will redefine productivity. But this shift from ‘AI that talks’ to ‘AI that acts’ introduces new risks – from unmanaged agentic identities to unpredictable runtime behaviors. Prisma AIRS 3.0 provides a comprehensive platform to discover, assess and protect agentic AI, giving our customers the unique ability to confidently and securely scale the AI-powered enterprise.”
The new version also fits into Palo Alto Networks’ recent pattern of widening its AI security portfolio. Reuters reported in October 2025 that the company had launched Prisma AIRS 2.0 with technology from Protect AI, combining AI application security from development through deployment. Reuters also noted that Palo Alto had been expanding its AI-powered cybersecurity offerings as customers tried to cope with rising cyberattacks and more complex software environments.
Taken together, Prisma AIRS 3.0 looks less like a standalone product launch and more like another step in Palo Alto Networks’ move to position AI security as a platform problem rather than a point-solution problem. The company’s emphasis on discovery, governance and runtime enforcement shows where the market is heading: not just protecting AI models, but also controlling how autonomous systems behave once they are inside enterprise workflows.
