Palo Alto Networks Inc. is expanding its product portfolio with a new platform for protecting artificial intelligence models and an upgraded version of its security-optimized browser.

The company debuted the offerings today against the backdrop of the news that it’s acquiring Protect AI Inc., a Seattle-based cybersecurity startup. Palo Alto Networks didn’t disclose the acquisition terms. However, sources told GeekWire that the deal is worth more than $500 million.

AI security

Protect AI raised $108.5 million from Salesforce Ventures, Samsung Electronics Co. and other backers prior to the acquisition. It develops a suite of software tools that companies can use to protect AI models and the applications they power from cyberattacks.

One of Protect AI’s products, Recon, can test a newly developed AI workload for vulnerabilities before it’s deployed. The tool finds weak points using a library of 450 simulated cyberattacks. Another Shield AI product called Layer filters malicious prompts once the workload is in production.

According to the company, its software can also ease several other tasks for development teams. That includes the process of finding the most suitable AI model for an application project. 

Palo Alto Networks expects to close the acquisition by November. Afterwards, the Protect AI team will join the company to help enhance Prisma AIRS, a new AI security platform it debuted today in conjunction with the deal. The offering covers many of the same use cases as Protect AI’s product suite. 

Before deploying a new AI workload to production, a company can use Prisma AIRS to test it for vulnerabilities. The platform includes a tool that automatically performs red-teaming, the task of simulating cyberattacks to find weak points in an application. Palo Alto Networks says that Prisma AIRS spots misconfigured access permissions, AI models that are susceptible to tempering and other risks.

Once an AI workload is deployed in production, Prisma AIRS filters malicious prompts using a runtime security component. It also spots other issues. The software blocks, among others, hallucinations and requests that may cause an AI application to use an excessive amount of hardware resources.

A third set of features in Prisma AIRS is designed to protect AI agents. The platform can spot tool misuse, or cyberattacks that target the applications an AI agent uses to perform tasks. For example, if a programming agent has permission to make changes in a company’s GitHub repositories, hackers might seek to use it to inject malicious code. Prisma AIRS also promises to block several other types of agent-focused cyberattacks. 

“Prisma AIRS empowers teams with answers to essential questions, like whether someone is exploiting an LLM to extract sensitive information or if a compromised API is feeding the model poisoned data,” said Anand Oswal, the senior vice president and general manager of network security at Palo Alto Networks.

New product releases 

The company debuted Prism AIRS today alongside enhancements to its existing product portfolio. The first set of upgrades is rolling out to Prisma Access Browser, a browser that uses AI to block malicious websites. It ships as part of Palo Alto Networks’ Prisma SASE platform, which enterprises use to establish secure network connections between disparate systems. 

The latest Prisma Access Browser release includes new detections, automated workflows for spotting cyberattacks. According to Palo Alto Networks, they can detect browser-in-the-browser phishing attacks. Those are phishing webpages that launch a fake browser window to trick users into sharing sensitive data. The new detections likewise spot last-mile reassembly cyberattacks, which download malware onto user devices in a disguised, inactive form designed to avoid detection.

The other existing product for which Palo Alto Networks introduced enhancements today is its Cortex XSIAM platform. The software enables companies to collect cybersecurity data from multiple sources, analyze that data to find breach indicators and automate parts of the remediation workflow.

The latest Cortex XSIAM release includes a new dashboard called the Cloud & SOC Command Center. According to Palo Alto Networks, it enables cybersecurity teams to track the security of cloud and on-premises technology assets in one place. The dashboard identifies vulnerable assets, prioritize those vulnerabilities by severity and highlights which ones are being actively targeted by hackers.

The new versions of Prisma Access Browser and Cortex XSIAM will become available by July 31. 

Photo: Palo Alto Networks