Why AI Agent Security Is Becoming a Board-Level Issue
AI agent security is the set of tools, policies, and operational practices that monitor, control, and protect autonomous AI agents as they access data, trigger actions, and interact with other systems at scale inside an enterprise. As organisations move beyond chatbots to agents that can execute tasks, risk grows from hidden decision-making, opaque model chains, and uncontrolled data access. Palo Alto Networks notes that 81% of enterprises are already piloting or using AI agents that call APIs, connect to tools, and influence real business processes. Without an AI governance platform or AI security gateway, every team can deploy its own agents, each expanding the attack surface and bypassing standard controls. The result is a mix of shadow AI, inconsistent policies, and little accountability when an agent behaves in unexpected or harmful ways.
Palo Alto Networks and Portkey Build a Unified AI Security Gateway
Palo Alto Networks has completed its acquisition of Portkey and is folding Portkey’s AI Gateway into Prisma AIRS as a unified control plane for AI agents. The Prisma AIRS AI Gateway is designed to centralise governance by identifying, authenticating, and authorising every agent interaction in real time, giving enterprises a single place to apply policies across models, tools, and autonomous agents. According to Palo Alto Networks, the gateway will sit at the centre of Prisma AIRS as a traffic enforcement point, adding features such as a unified API to large language models, an agent registry, semantic routing, and caching. Security capabilities include Agent Artifact scanning, automated red teaming, and runtime security to observe behaviour and mitigate risks as they appear. The platform also reinforces agent identity security in partnership with Idira, enforcing least‑privilege access for every autonomous action.
Cybanetix’s Managed AI Service: SOC-Backed Oversight for Users, Models, and Agents
Cybanetix is taking a managed-service route, unveiling its Managed AI Service to cover three domains: employee AI usage, AI governance, and embedded AI agents. Built on technology from NOMA, SentinelOne, Microsoft, and Exabeam, the service provides observability, exposure mapping, behavioural monitoring, and runtime protection across infrastructure and applications, all backed by a 24/7 Security Operations Centre. Cybanetix says the managed service can respond to AI security alerts in under 15 minutes, helping teams handle threats such as prompt abuse, model manipulation, or anomalous agent behaviour. SentinelOne Prompt Security and Microsoft Purview for AI focus on user-level controls, while NOMA delivers AI discovery, access control, red teaming, and detection and response aligned to frameworks like ISO 42001, the EU AI Act, and the NIST AI RMF. Exabeam contributes agent behaviour analytics, giving enterprises a continuous view of how agents operate in production.
From Fragmented Controls to Unified AI Governance Platforms
Both Prisma AIRS and the Cybanetix Managed AI Service address the same pain point: fragmented AI controls that leave gaps in enterprise defences. Historically, user monitoring, model governance, and embedded agent protection have relied on separate tools, each with different teams and vendors. Cybanetix argues this forces organisations into buying point solutions that still miss parts of the attack surface, especially unsanctioned models and agents wired into business processes with excessive privileges. In response, its AI Risk Assessment builds an inventory of every AI component, maps agent-to-agent relationships, and visualises blast radius for each integration, while ongoing posture management enforces policies across no-code and custom AI environments. Similarly, Palo Alto Networks positions its AI Gateway as a move from “chaos to control”, applying consistent identity, access, and behavioural rules across thousands of models, MCP servers, and agents through a single AI governance platform.
What Next-Generation Autonomous Agent Protection Looks Like
A common pattern is emerging for autonomous agent protection: central visibility, fine-grained access control, and real-time incident response. Prisma AIRS focuses on being an AI security gateway that provides a unified API layer, agent registry, and semantic routing, with integrated red teaming and runtime security to watch for abnormal behaviour or high-risk agent interactions. Portkey’s experience with Fortune 500 customers and trillions of tokens per month is intended to keep this control plane performant enough for dense agent-to-agent communication. Cybanetix, by contrast, wraps vendor tools in consultancy and SOC operations, offering AI posture management that triages risks, enforces policies, and safeguards training data. For enterprises, these approaches signal a shift away from securing individual models toward governing an entire ecosystem of agents, users, and data flows through platforms designed for continuous oversight rather than one-off controls.