* [Blog](https://www2.paloaltonetworks.com/blog) * [Network Security](https://www2.paloaltonetworks.com/blog/network-security/) * [AI Security](https://www2.paloaltonetworks.com/blog/category/ai-security/) * Securing the AI Frontier:... # Securing the AI Frontier: Prisma AIRS \& Claude Code [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fsecuring-the-ai-frontier-prisma-airs-claude-code%2F) [](https://twitter.com/share?text=Securing+the+AI+Frontier%3A+Prisma+AIRS+%26%23038%3B+Claude+Code&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fsecuring-the-ai-frontier-prisma-airs-claude-code%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fsecuring-the-ai-frontier-prisma-airs-claude-code%2F&title=Securing+the+AI+Frontier%3A+Prisma+AIRS+%26%23038%3B+Claude+Code&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/network-security/securing-the-ai-frontier-prisma-airs-claude-code/&ts=markdown) \[\](mailto:?subject=Securing the AI Frontier: Prisma AIRS \& Claude Code) Link copied By [Tom Prenderville](https://www.paloaltonetworks.com/blog/author/tom-prenderville/?ts=markdown "Posts by Tom Prenderville") and [Jason Roberts](https://www.paloaltonetworks.com/blog/author/jason-roberts/?ts=markdown "Posts by Jason Roberts") Nov 19, 2025 5 minutes [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown) [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) [Prisma AIRS](https://www.paloaltonetworks.com/blog/tag/prisma-airs/?ts=markdown) [Secure AI](https://www.paloaltonetworks.com/blog/tag/secure-ai/?ts=markdown) The age of AI is upon us, and with it, a new frontier of security challenges. As developers increasingly leverage large language models (LLMs) to build innovative applications, they also open the door to a new class of threats. From prompt injection and data leakage to malicious code generation, the potential attack surface is vast and constantly evolving. How can we empower developers to build securely in this new landscape, without stifling innovation or slowing down the development process? The answer lies in building security into the AI development process from the beginning, making it an integral part of the development lifecycle. This is where the powerful combination of Palo Alto Networks Prisma^Ⓡ^ AIRS™ API Intercept and Anthropic's Claude Code hooks comes into play. By integrating these two cutting-edge technologies, organizations can create a robust, proactive defense against AI-native threats directly within developers' workflows. # The Power of Proactive AI Security In the rapid environment of modern AI development, security must be an enabler throughout the entire deployment process rather than a final checkpoint. Security must be embedded directly into the tools and processes that developers use every day to achieve robust threat prevention. Together, Prisma AIRS and Claude Code hooks can protect against prompt injection attacks, tool misuse, sensitive data loss and more. Prisma AIRS API Intercept provides the real-time threat detection and prevention capabilities needed to secure AI applications at runtime. It acts as a security-as-code layer, allowing developers to programmatically scan prompts and model responses for a wide range of threats. With its model-agnostic design, Prisma AIRS can be seamlessly integrated with any AI model, providing consistent and comprehensive protection across the entire AI ecosystem. Claude Code hooks enable automated, enforced security checks directly within the Claude Code development environment. Hooks are user-defined scripts that can be triggered at specific points in the Claude Code workflow. This allows organizations to create deterministic security controls, helping ensure that all prompts and tool calls are automatically scanned and validated before they are ever used. # Securing the AI Development Pipeline: Prisma AIRS Proactive Defense Capabilities To truly establish proactive defense, a comprehensive security solution must address the full spectrum of AI-native threats that developers face. Prisma AIRS is designed to secure applications built with agents such as Claude Code by providing broad coverage against the most critical risks. ## Prevent Direct and Indirect Prompt Injections Prisma AIRS offers the broadest coverage with over 30 types of detection to help prevent malicious manipulation of the model's behavior, especially critical when coding agents utilize web search or external data. ## Command Injections Preventing the model from executing unintended or harmful commands on the underlying system. ## Malicious Scripts Blocking the generation or execution of harmful code snippets. ## MCP Vulnerability Exploits Defending against threats that target MCP servers, such as tool misuse. ## Sensitive Data Exposure Ensuring that confidential information is not inadvertently exposed in prompts or model responses. ## Malicious URL and FQDNs Ingested for Processing Scanning and blocking the use of untrusted or known malicious web addresses that coding agents might encounter. Prisma AIRS addresses these threats through flexible deployment models that integrate security directly into developers' workflows, covering both real-time interactions and deep, on-demand analysis. # Inline Prevention: Using AIRS API with Claude Code Hooks For real-time, zero-trust security enforcement, the Prisma AIRS API Intercept integrates seamlessly with tools like Claude Code hooks. This integration provides inline prevention, acting as a deterministic security control layer within the model's request/response cycle. * Every user prompt and tool call is automatically scanned and validated *before* the AI model processes it. * Model responses and tool outputs, like WebFetch results, are scanned *before* they are returned to the user or used in subsequent steps. * If a threat is detected, the process is immediately stopped, preventing the attack from reaching the model or the developer's environment. This method enables always-on security and immediate threat prevention. # On-demand Detection: Leveraging Prisma AIRS MCP Server While inline prevention handles real-time traffic, a truly proactive security posture requires the ability to perform deeper, asynchronous analysis. Users can leverage [Prisma AIRS as an MCP server](https://docs.paloaltonetworks.com/ai-runtime-security/activation-and-onboarding/prisma-airs-mcp-server-for-centralized-ai-agent-security/understanding-the-prisma-airs-mcp-server) for on-demand detection, enabling security scanning to be easily configured within customizable workflows. This approach creates a flexible, layered security posture by enabling users to easily send specific data samples for analysis within a standard chat workflow to test verdicts. Using Prisma AIRS as an MCP server can also be used directly within agent workflows to perform analysis that is not dependent on the real-time API intercept and also provides a vital capability for comprehensive threat hunting, retrospective scanning and analysis of AI-native applications. ![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2025/11/word-image-348633-1.png) *Figure 1: Scanning user input before processing by Claude Code* ![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2025/11/word-image-348633-2.png) *Figure 2: Scanning of both WebFetch and MCP requests and responses; processes stop if a threat is detected* # Key Benefits of Prisma AIRS and Claude Code Integration By integrating Prisma AIRS and Claude Code, organizations can detect and prevent threats at the earliest stage of the development lifecycle before they reach production. Security is seamlessly integrated into the developer's existing workflow, without adding unnecessary friction or complexity. Automated and reliable security checks remove the need for developers to run manual checks and approve every agent action. With Prisma AIRS advanced threat detection, organizations can proactively protect against a wide range of AI-native threats. # The Future of AI Security Is Proactive As AI continues to transform the way we work and live, security must be woven into the fabric of AI applications. By combining real-time threat prevention capabilities from Prisma AIRS with the development-time automation of Claude Code, organizations can create a powerful and proactive defense against the next generation of cyberthreats. This integrated approach empowers developers to build confidently, knowing that they have the tools and processes in place to secure the AI frontier. See the [integration guide](https://github.com/PaloAltoNetworks/prisma-airs-integrations/tree/main/Anthropic/claude-code-prisma-airs) to [get started with Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security) and [Claude Code hooks](https://docs.claude.com/en/docs/claude-code/hooks-guide). *** ** * ** *** ## Related Blogs ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### The Power of Glean and Prisma AIRS Integration](https://www2.paloaltonetworks.com/blog/2026/02/power-of-glean-and-prisma-airs-integration/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown) [#### Prevent Your AI from Becoming a Brand Liability](https://www2.paloaltonetworks.com/blog/network-security/prevent-your-ai-from-becoming-a-brand-liability/) ### [AI Application Security](https://www.paloaltonetworks.com/blog/network-security/category/ai-application-security/?ts=markdown), [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown) [#### Can Your AI Be Manipulated Into Generating Malware?](https://www2.paloaltonetworks.com/blog/network-security/can-your-ai-be-manipulated-into-generating-malware/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown) [#### Winning the AI Race Starts with the Right Security Platform](https://www2.paloaltonetworks.com/blog/2025/12/winning-ai-race-starts-with-right-security-platform/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Prisma AIRS Integrates Microsoft Foundry for Comprehensive AI Security](https://www2.paloaltonetworks.com/blog/2025/11/prisma-airs-integrates-azure-ai-foundry/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) [#### Enterprise-Grade AI Security: Prisma AIRS and TrueFoundry AI Gateway](https://www2.paloaltonetworks.com/blog/network-security/enterprise-grade-ai-security-prisma-airs-and-truefoundry-ai-gateway/) ### Subscribe to Network Security Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language