* [Blog](https://www2.paloaltonetworks.com/blog) * [Network Security](https://www2.paloaltonetworks.com/blog/network-security/) * [AI Security](https://www2.paloaltonetworks.com/blog/category/ai-security/) * Securing the Autonomous W... # Securing the Autonomous Workforce with Prisma AIRS [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fsecuring-the-autonomous-workforce-with-prisma-airs%2F) [](https://twitter.com/share?text=Securing+the+Autonomous+Workforce+with+Prisma+AIRS&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fsecuring-the-autonomous-workforce-with-prisma-airs%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fsecuring-the-autonomous-workforce-with-prisma-airs%2F&title=Securing+the+Autonomous+Workforce+with+Prisma+AIRS&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/network-security/securing-the-autonomous-workforce-with-prisma-airs/&ts=markdown) \[\](mailto:?subject=Securing the Autonomous Workforce with Prisma AIRS) Link copied By [Chandan Agarwal](https://www.paloaltonetworks.com/blog/author/chandan-agarwal/?ts=markdown "Posts by Chandan Agarwal") and [Jane Leung](https://www.paloaltonetworks.com/blog/author/jane-leung/?ts=markdown "Posts by Jane Leung") Nov 11, 2025 5 minutes [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) [Prisma AIRS](https://www.paloaltonetworks.com/blog/tag/prisma-airs/?ts=markdown) ## **The New Reality of Autonomous AI** Across industries, autonomous AI agents are reshaping how work gets done: building code, managing systems, and powering decisions in real time. Coding agents log into tools, connect to APIs, and move data across environments with the same speed and precision they once only analyzed. Enterprises are building AI agents in platforms like [Microsoft Copilot Studio](https://www.paloaltonetworks.com/blog/network-security/prisma-airs-integrates-with-microsoft-copilot-studio-for-ai-security/), Salesforce Agentforce, ServiceNow AI Platform, Google Gemini Enterprise, ChatGPT Enterprise and many more to achieve breakthrough speed and intelligent automation. But as we embrace this power, one question takes center stage... How do we keep it safe? **Because security isn't what slows innovation; the *lack of it* does.** Autonomous systems blur the boundaries between users, applications and infrastructure. For CIOs, that means rethinking how visibility, permissions and protection work in a world where machines act with human-level access. ## **Three core security challenges** ### **1. Manipulation --- reasoning under attack** Unlike static code, autonomous agents reason and act continuously --- and that logic can be manipulated. Adversaries use [prompt injection](https://www.paloaltonetworks.com/cyberpedia/what-is-a-prompt-injection-attack) and [context poisoning](https://www.paloaltonetworks.com/blog/network-security/prisma-airs-integrates-with-microsoft-copilot-studio-for-ai-security/) to embed malicious instructions in ordinary data or responses. One tainted API call can trigger a [data leak](https://www.paloaltonetworks.com/cyberpedia/data-leak), misconfiguration, or unwanted system change. Because these manipulations flow through normal data paths, they bypass traditional defenses. **Attackers no longer exploit code; they exploit reasoning itself.** ### **2. Visibility --- the invisible workforce** Traditional security models were built around people, devices and applications. AI agents cross all three. They act like users but aren't human, connect like apps yet adapt as they learn. Their tool calls, data access, and decision paths rarely appear in logs. Agents can [reuse credentials](https://www.paloaltonetworks.com/cyberpedia/what-is-a-credential-based-attack), move data across platforms, or act on reasoning that no one can trace. **When visibility disappears, control disappears.** ### **3. Permissions --- privilege without boundaries** To accelerate results, developers often grant broad, inherited permissions so agents "just work." Over time, that privilege sprawl becomes a risk---agents holding database keys, admin tokens, or API rights far beyond their purpose. A compromised agent can behave like a trusted insider, moving laterally and exfiltrating data under legitimate credentials. **Without least-privilege governance, innovation quietly expands the attack surface.** ## **How Prisma AIRS 2.0 empowers the autonomous enterprise** ### **From black box to managed asset: visibility for Gemini Enterprise** As enterprises adopt powerful platforms like Google's Gemini Enterprise to build their autonomous workforce, the challenge of "[shadow AI](https://www.paloaltonetworks.com/cyberpedia/what-is-shadow-ai)" and invisible risk becomes a primary concern for leadership. We are thrilled to announce our new collaboration with Google to extend our SaaS Agent Security platform to Gemini Enterprise. This integration provides a unified security strategy, helping ensure that as you innovate with Google's powerful AI, your security moves right alongside it, allowing you to deploy bravely. Our platform tackles the "invisible workforce" challenge by providing complete and immediate visibility into every AI agent built within Gemini Enterprise. This allows security and IT teams to get a full inventory of their agents, understanding not just *that* they exist, but precisely *how* they are configured. This detailed discovery includes an agent's description and instructions, the specific [LLMs](https://www.paloaltonetworks.com/cyberpedia/what-is-llm-security) it leverages, the tools and applications it is authorized to access and all the connectors it uses to connect to Google data sources or third party data sources. This foundational visibility moves these powerful tools from a "black box" to a managed, transparent component of the enterprise. By understanding the complete agent configuration, our platform lays the groundwork for continuous security posture monitoring. This enables the detection of high risk configurations --- such as agents with bad instructions, access to overly sensitive knowledge bases or malicious automation logic --- allowing you to establish governance and confidently scale your AI initiatives. ## **With** [**Prisma AIRS**](https://www.paloaltonetworks.com/blog/2025/10/prisma-airs-powering-secure-ai-innovation/)**2.0, you can...** **Secure every ecosystem where AI works.** From the recent Microsoft 365 Copilot Studio integration to Salesforce Agentforce and now Google Gemini Enterprise, Prisma AIRS integrates natively into today's most critical productivity and workspace platforms. You can scale innovation without fragmenting security. **See what was invisible.** Automatically discover every AI and SaaS agent across your enterprise --- including copilots, automations, and third-party integrations that often operate beyond traditional visibility. Gain a single, unified view of how your autonomous systems work, what they access and how they behave. **Turn visibility into control.** Map each agent's data connections, permissions, and actions in real time. Continuous assessment highlights over-privileged, dormant, or risky agents---and enforces least-privilege access automatically. Instead of reacting to exposure, you can now govern AI activity proactively. **Protect AI agents as they act.** Extend security to the moment of execution. Prisma AIRS applies runtime protection that monitors and enforces policies as agents make decisions and take action --- whether in SaaS copilots, coding environments, or production workflows. Now, every autonomous process operates within safe, visible boundaries. **Control reasoning before it becomes action.** With the [MCP Relay](https://docs.paloaltonetworks.com/ai-runtime-security/release-notes/features-introduced/ai-runtime-security-api-intercept?otp=concept-w1x_wzy_wgc#concept-w1x_wzy_wgc) and [Managed MCP Server](https://docs.paloaltonetworks.com/ai-runtime-security/release-notes/features-introduced/ai-runtime-security-api-intercept?otp=concept-p11_21z_wgc#concept-p11_21z_wgc), Prisma AIRS gives you real-time checkpoints between agents and the tools they use --- redacting secrets, validating permissions and stopping manipulation at the source. That means fewer blind spots, fewer breaches and far greater confidence. The future of work is autonomous. With Prisma AIRS, it's also secure. **Secure confidently.** [**Deploy Bravely**](https://www.deploybravely.com/)**.** For more information about Prisma AIRS, [fill out our contact form](https://start.paloaltonetworks.com/prisma-airs-contact-us) and one of our representatives will be in touch. *** ** * ** *** ## Related Blogs ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### The Power of Glean and Prisma AIRS Integration](https://www2.paloaltonetworks.com/blog/2026/02/power-of-glean-and-prisma-airs-integration/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown) [#### Winning the AI Race Starts with the Right Security Platform](https://www2.paloaltonetworks.com/blog/2025/12/winning-ai-race-starts-with-right-security-platform/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Prisma AIRS Integrates Microsoft Foundry for Comprehensive AI Security](https://www2.paloaltonetworks.com/blog/2025/11/prisma-airs-integrates-azure-ai-foundry/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Solving the AI Black Box Problem with Prisma AIRS 2.0](https://www2.paloaltonetworks.com/blog/2025/11/ai-black-box-problem-prisma-airs-2-0/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Ignite](https://www.paloaltonetworks.com/blog/category/ignite/?ts=markdown) [#### AI-Driven, Quantum-Ready Network Security](https://www2.paloaltonetworks.com/blog/2025/10/network-security-ai-powered-quantum-ready/) ### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Ignite](https://www.paloaltonetworks.com/blog/category/ignite/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Prisma AIRS 2.0 Is Powering the Next Wave of Secure AI Innovation](https://www2.paloaltonetworks.com/blog/2025/10/prisma-airs-powering-secure-ai-innovation/) ### Subscribe to Network Security Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language