
Palo Alto Networks has released Prisma AIRS AI Gateway, an enterprise control platform that manages AI security and governance across the organization. With MCP activity surging from 11% to 41.4% and monthly AI transaction volume growing twelve-fold in six months, enterprises face unprecedented risks as sensitive data flows to AI models without oversight. The gateway sits between AI interactions and backend systems to enforce policies, track costs by team, verify agent identities, and inspect prompts and responses inline—processing 68 Trillion+ tokens monthly at sub-millisecond latency with 99.999% availability.
Summaries like this, in your inbox every morning.
Sign up free →What happened
Palo Alto Networks announced general availability of Prisma AIRS AI Gateway, a control plane built six weeks after closing the Portkey acquisition. The gateway sits between every AI interaction and backend systems to enforce security, governance, and identity controls across coding assistants, enterprise agents, and copilots.
Why it matters
Enterprise AI adoption is outpacing security infrastructure. MCP activity jumped from 11% late last year to 41.4% by mid-2026, and monthly AI transaction volume grew twelve-fold in six months—some sessions moved hundreds of megabytes of data outbound. Without centralized control, coding agents expose source code and credentials, enterprise agents overstep their scope risking data breaches, and copilots surface data employees should not see. The gateway lets organizations see AI usage, enforce policies, and control agents in real time instead of blocking traffic entirely or staying permissive.
What to watch
The platform processes 68 Trillion+ tokens monthly, delivers sub-millisecond routing latency with inline inspection, and maintains 99.999% availability. Teams can now enforce budgets, verify agent identities with just-in-time least-privilege access, and inspect prompts and responses inline to prevent data leaks—all from a single unified view.
Palo Alto Networks announced general availability of Prisma AIRS AI Gateway, an enterprise AI control plane built on innovations from the Portkey acquisition integrated just six weeks after closing. The gateway sits inline between every AI interaction, model provider, and agentic interaction—spanning Agent/AI App to LLMs, MCP Tool Calls, and A2A (agent-to-agent) communication—to enforce unified operational and security controls without requiring teams to abandon their existing coding assistants, enterprise agents, or copilots.
The urgency behind the announcement is rooted in concrete adoption metrics. MCP activity climbed from 11% late last year to 41.4% by mid-2026, while monthly AI transaction volume grew twelve-fold over the same six-month period; some individual sessions moved hundreds of megabytes of enterprise data outbound. This velocity is outpacing enterprise security and governance infrastructure, creating three acute risks. Coding agents access code repositories, file systems, configurations, and credentials; when this context is sent to a frontier model, sensitive data is exposed and runaway loops can burn a fortune in tokens overnight. Enterprise agents run with broad access and standing privileges, sharing context with each other; a single agent stretched beyond its scope can trigger massive data breaches and reputational damage. Copilots embedded in SaaS and productivity tools can surface data to employees who were never meant to see it. Most enterprises respond by either blocking traffic entirely or staying permissive and promising to govern later—both approaches fail because they skip the critical step of seeing what agents do at runtime and controlling their actions while they happen.
Prisma AIRS AI Gateway delivers this control through a unified architecture with six core capabilities. Observability maps every request to a single view tracking usage, users, projects, token counts, latency, and cost to retire shadow AI infrastructure immediately. Governance lets teams centrally define approved models, tools, and access without touching developer configurations, track every request's cost and tokens by team or project, and proactively enforce budgets and rate limits. Coding Assistant Security replaces raw provider keys with scoped credentials per user and team to protect proprietary code and development systems. Operational Controls apply data protection and policy checks as AI interactions happen, distributing traffic across providers to ensure quotas are enforced. Agent Identity Security establishes trusted identities by binding ephemeral identities to agents at execution, allowing only authenticated agents to make approved calls. Runtime Security, powered by Prisma AIRS AI Runtime Security, inspects every prompt and response inline to stop source code, secrets, and customer data from leaving the network while neutralizing prompt injection attempts aligned with OWASP LLM Top 10 and OWASP Top 10 for Agentic Applications.
Palo Alto Networks claims the platform is built on architecture tested in the most demanding enterprises and handles scale that point products cannot. The gateway processes 68 Trillion+ tokens in the last month alone, delivers sub-millisecond routing latency with inline inspection to secure AI interactions without degrading user experience, and maintains 99.999% availability to ensure no single point of failure in the AI operational pipeline. The company, recently named "company to beat" in AI Security Platforms by Gartner, positioned the announcement as a response to the reality that developers have already adopted their agents—the agentic enterprise is already here, and enterprises must build it securely.
Palo Alto Networks has positioned the Prisma AIRS AI Gateway as foundational infrastructure for the enterprise shift from software-driven organizations to AI-orchestrated ones. The timing underscores genuine urgency: MCP (Model Context Protocol) activity surged from 11% late last year to 41.4% by mid-2026, and monthly AI transaction volume grew twelve-fold over the same six months—metrics that reveal both rapid adoption and lack of visibility. The company's decision to bring innovations from the Portkey acquisition to market within six weeks of closing suggests confidence that the problem is both acute and addressable at the infrastructure layer rather than at the application level.
The architecture addresses three distinct failure modes in current enterprise AI adoption. Coding assistants expose source code and secrets when context is sent to frontier models; enterprise agents with broad standing privileges and shared keys create accountability gaps; copilots embedded in SaaS tools surface data to employees outside their scope. Traditional point solutions—text filters or single-API routers—cannot handle the scale: hundreds of megabytes of data moving outbound in individual sessions. By sitting inline as a unified gateway for LLMs, Model Context Protocol tools, and agent-to-agent interactions, the platform enables real-time inspection and enforcement without requiring teams to abandon their existing tools.
The scale metrics (68 Trillion+ tokens monthly, sub-millisecond latency, 99.999% availability) are designed to address the operational risk that brought many enterprises to either blanket blocking or permissive approaches. Neither works—blocking stalls AI velocity, permissiveness defers governance to a later date that never comes. The gateway's unified observability (tracking usage, users, projects, token counts, latency, and cost in a single view) is pitched as the mechanism to retire shadow AI infrastructure immediately, while central policy enforcement at the infrastructure layer moves security ownership away from individual developers to the platform team.
AI-summarized, only the topics you pick — one digest a day via Email, Slack, or Discord.
Free · takes 30 seconds · unsubscribe anytime
No comments yet. Be the first to share your thoughts!
Log in to join the discussion




Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.
Get Started FreeFree · takes 30 seconds · unsubscribe anytime
1 minute a day. The AI essentials.
200+ sources · Email / LINE / Slack