Palo Alto Networks completed its acquisition of Protect AI in the first quarter of its fiscal year 2026, integrating AI-specific security capabilities into its Prisma AIRS platform. The deal, announced on April 28, 2025, targets the emerging category of risks unique to machine learning systems: model manipulation, data poisoning, and prompt injection attacks.
Protect AI, founded in 2022, developed tooling for model scanning, risk assessment, GenAI runtime security, posture management, and AI agent security. The company operated under a principle that adoption of AI should not proceed without dedicated security for AI. Its solutions address risks across the entire AI development lifecycle, from model training through production deployment.
Anand Oswal, SVP and GM at Palo Alto Networks, stated: “By extending our AI security capabilities to include Protect AI’s innovative solutions for Securing for AI, businesses will be able to build AI applications with comprehensive security.” Ian Swanson, Protect AI’s co-founder and CEO, added: “Joining forces with Palo Alto Networks will enable us to scale our mission of making the AI landscape more secure.”
The acquisition reflects a pattern visible across the major platform vendors in early 2026. As enterprises embed AI into production workflows, they require security tooling purpose-built for AI attack surfaces rather than adapted from traditional application security frameworks. Palo Alto’s integration of Protect AI positions Prisma AIRS as a platform covering both security of AI (protecting AI systems from attack) and AI for security (using AI to improve defensive operations).
Defenders evaluating AI security tooling should assess whether their current stack addresses model-layer threats or only the infrastructure hosting those models. The distinction determines whether prompt injection, training data poisoning, and model theft are within detection scope.