{"id":360994,"date":"2026-06-16T06:00:12","date_gmt":"2026-06-16T13:00:12","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=360994"},"modified":"2026-06-16T07:36:52","modified_gmt":"2026-06-16T14:36:52","slug":"securing-the-agentic-ai-frontier-with-palo-alto-networks-and-databricks","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2026\/06\/securing-the-agentic-ai-frontier-with-palo-alto-networks-and-databricks\/","title":{"rendered":"Securing the Agentic AI Frontier: Palo Alto Networks and Databricks Deliver a New Standard for AI Security"},"content":{"rendered":"

The rise of Agentic AI is rapidly reshaping the enterprise, yet its deployment opens a complex new frontier for cyber threats.\u00a0 As organizations race to harness the power of enterprise agents, the \"Data Estate\" has become the new perimeter. CISOs today face a high-stakes trade-off: enabling developers to build at the speed of AI while keeping proprietary data visible, governed, and secure across the entire AI lifecycle. This requires meticulously checking user inputs, agent outputs, and tool calls for threats like prompt injections, sensitive data loss, and malicious code, while simultaneously preventing autonomous agents from performing destructive actions.<\/span><\/p>\n

Securing the AI-driven enterprise requires a fundamental shift from reactive measures to proactive runtime protection. Palo Alto Networks and Databricks are delivering on that vision. Our partnership will integrate the <\/span>Prisma AIRS API <\/b>with <\/span>Databricks Unity AI Gateway<\/b>, embedding seamless security at runtime. This collaboration will enable organizations to innovate with AI agents, applications, models and MCP Servers at scale while maintaining a robust, policy-driven security posture. By combining the centralized AI governance and control capabilities of the Databricks platform with the runtime security protections of Palo Alto Networks, organizations can scale AI innovation without sacrificing visibility, compliance, or security.<\/span><\/p>\n

 <\/p>\n

The Context: Why AI Security is Different<\/span><\/h2>\n

AI security represents a fundamental departure from traditional defense. Legacy tools are designed for structured threats, leaving them incapable of parsing the intent behind complex, conversational attacks. <\/span>Furthermore, the integration of Retrieval-Augmented Generation (RAG) and autonomous workflows creates a dynamic attack surface that goes far beyond traditional data loss. Without AI-native oversight, organizations can face severe risks from prompt injections, custom topics, and toxic content manipulating model logic, to tool misuse, malware execution, and malicious URLs hijacking agent actions.<\/span><\/p>\n

Modern AI development requires more than just a perimeter; it requires contextual intelligence. By integrating Prisma AIRS directly into Databricks Unity AI Gateway, we will evolve security from a reactive layer into a <\/span>native pillar of the AI architecture.<\/b><\/p>\n

 <\/p>\n

The Joint Solution: Centralized Security at the Gateway<\/span><\/h2>\n

The most effective way to secure an entire AI environment is at the governance layer. Our integration focuses on Databricks Unity AI Gateway, which serves as the centralized interface for all AI activity within the Databricks environment. Unity AI Gateway is designed for managing, governing, and monitoring access to all models, agents and MCP Servers\u2014whether they are open-source models deployed within Databricks or external proprietary models. As organizations deploy more agents, applications, and models, centralized governance becomes critical. Unity AI Gateway provides a single control plane for AI usage, enabling teams to apply consistent policies, monitor activity, and manage access across AI workloads.<\/span><\/p>\n

Through this integration, Unity AI Gateway will make real-time calls to the Prisma AIRS Runtime Security API for security inspection. Instead of managing fragmented security policies across dozens of individual applications, SecOps teams will be able to enforce consistent guardrails across the entire Agentic AI estate from one location, providing a single, unified enforcement point for all AI workloads.<\/span><\/p>\n

\"\"<\/span><\/div><\/p>\n
Figure 1: Centralized AIRS guardrail configuration delivers instant protection across all applications, agents and MCP Servers without requiring client-side code refactoring<\/span><\/h6>\n

 <\/p>\n

Mechanism: API Intercept for AI Runtime Security<\/span><\/h2>\n

Prisma AIRS operates as an advanced inspection layer, leveraging its API Intercept capability to provide real-time security embedded directly into the application flow. By embedding Prisma AIRS directly into the workflow, we offer a seamless 'Security-as-Code' experience that unifies development and defense. Prisma AIRS intercepts AI prompts, responses, and MCP calls\u2014inspecting them in real time to enforce security policies with an immediate Go\/No-Go verdict or by sanitizing the data in transit. Prisma AIRS uses deep learning classifiers to detect data exfiltration risks, such as the presence of PII (Personally Identifiable Information), PHI, or PCI data. If sensitive data is found, it can be dynamically redacted or blocked based on corporate policy.<\/span><\/p>\n

 <\/p>\n

Key Benefits for the Enterprise<\/span><\/h2>\n

This integration isn't just about blocking threats\u2014it\u2019s about accelerating your AI roadmap. By removing the \"security friction\" that often slows down production deployments, we enable teams to move faster with confidence. Key benefits include:<\/span><\/p>\n