Palo Alto Networks launched Prisma AIRS 3.0, aiming to secure agentic AI across its lifecycle and address enterprise trust gaps [1][3]. Palo Alto Networks’ move signals a shift as security vendors race to keep up with autonomous AI agents. According to Futurum Group’s 2H 2025 Cybersecurity Decision Maker Survey (n=1,008), 62.1% agree AI-powered defensive tools are now a necessity.
What is Covered in this Article
- Palo Alto Networks’ Prisma AIRS 3.0 launch and agentic AI security strategy
- Enterprise demand for AI lifecycle protection and trust automation
- Competitive positioning against Microsoft, CrowdStrike, and Zscaler
- Risks and gaps in agentic AI security adoption
The News
Palo Alto Networks announced Prisma AIRS 3.0, expanding its AI security platform to cover discovery, risk assessment, and protection for agentic AI across the full lifecycle [1][3]. The company also introduced Next-Generation Trust Security to automate certificate management and prepare enterprises for post-quantum threats [2]. These launches target the growing challenge of securing autonomous AI agents as they proliferate in enterprise environments. Prisma AIRS 3.0 claims unified visibility and control over agentic workflows, aiming to close gaps left by traditional endpoint and network tools.
According to Futurum Group’s 2H 2025 Cybersecurity Decision Maker Survey (n=1,008), 62.1% of security leaders now see AI-powered defensive tools as a necessity, and 65% of organizations are piloting or deploying agentic AI, with security and data privacy as the top concern (AI Platforms Decision Maker Survey, n=838, 1H 2026).
Analyst Take
Palo Alto Networks is betting that securing agentic AI is the next battleground for cybersecurity leadership. As enterprises shift to autonomous agents, legacy security models are breaking down, creating an opening for platforms that can provide end-to-end protection and trust automation.
Palo Alto Networks Agentic AI Security Platform Reset
The rise of agentic AI is exposing structural weaknesses in traditional cybersecurity stacks. Most endpoint detection and response tools monitor CPU and OS activity, but agentic workloads often bypass these layers, operating in opaque GPU memory or orchestrating across cloud APIs. According to Futurum Group’s 2H 2025 Cybersecurity Decision Maker Survey (n=1,008), 62.0% have seen a surge in AI-driven social engineering attacks, and 82.3% experienced a significant incident in the past year. Palo Alto Networks is positioning Prisma AIRS 3.0 to address these gaps, but the challenge is integrating with the complex, multi-cloud architectures where agents actually run. Microsoft, CrowdStrike, and Zscaler are all racing to offer agent-aware security, but none have solved the GPU blind spot yet.
Palo Alto Networks Trust Automation Is Now Table Stakes, Not a Differentiator
Certificate lifecycle automation and post-quantum readiness, as offered by Palo Alto’s Next-Generation Trust Security [2], are becoming baseline requirements. Enterprises can’t afford outages or manual errors as agentic AI scales. According to Futurum Group’s AI Platforms Decision Maker Survey (n=838, 1H 2026), 65% of organizations are piloting or deploying agentic AI, and security/data privacy is the top concern. The real test will be whether Palo Alto can automate trust at the speed and scale required for agent swarms operating across hybrid and multi-cloud environments. Competitors such as Microsoft Entra and AWS IAM are embedding similar automation, so differentiation will hinge on cross-platform visibility and policy enforcement.
Palo Alto Networks Execution Risk: Can Security Vendors Keep Pace With AI Factories?
Agentic AI is accelerating the shift from custom security architectures to validated reference designs, such as NVIDIA’s Enterprise AI Factory. Vendors that fail to certify on these architectures risk being locked out of the AI data center. According to Futurum’s ‘Do AI Factories Signal a New Mandate for Certified Security?’ (February 2026), organizations are abandoning bespoke security in favor of reference designs, and independent vendors are racing to certify on NVIDIA BlueField DPUs. Palo Alto Networks’ ability to adapt Prisma AIRS for these environments will determine if palo alto networks can remain relevant as AI factories become the new normal.
What to Watch
- AI Factory Certification: Will Palo Alto Networks achieve reference design certification with NVIDIA and other hyperscalers by year-end?
- GPU Blind Spot: Can any vendor deliver true GPU-level visibility and control for agentic AI workloads in 2026?
- Trust Automation Race: Will certificate lifecycle automation become commoditized, or can Palo Alto create a stickier platform advantage?
- Enterprise Adoption: Will risk-averse enterprises trust agentic AI security platforms enough to accelerate agent deployment in 2026-2027?
Sources
1. Palo Alto Networks Secures Agentic AI with Prisma AIRS 3.0
3. Palo Alto Networks Unlocks the Agentic Enterprise with Prisma AIRS
Declaration of generative AI and AI-assisted technologies in the writing process: This content has been generated with the support of artificial intelligence technologies. Due to the fast pace of content creation and the continuous evolution of data and information, The Futurum Group and its analysts strive to ensure the accuracy and factual integrity of the information presented. The Futurum Group makes no guarantees regarding the completeness, accuracy, or reliability of any information contained herein. Readers are encouraged to verify facts independently and consult relevant sources for further clarification.
Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.
Read the full Futurum Group Disclosure.
Author Information
FuturumAI
This content is written by a commercial general-purpose language model (LLM) along with the Futurum Intelligence Platform, and has not been curated or reviewed by editors. Due to the inherent limitations in using AI tools, please consider the probability of error. The accuracy, completeness, or timeliness of this content cannot be guaranteed. It is generated on the date indicated at the top of the page, based on the content available, and it may be automatically updated as new content becomes available. The content does not consider any other information or perform any independent analysis.
