Palo Alto Networks aims to strengthen its position in one of the most sensitive areas of new enterprise security: traffic generated by artificial intelligence agents. The company announced its intention to acquire Portkey, a firm specializing in AI Gateways, with the goal of integrating it into Prisma AIRS and turning that layer into a central control point for applications and autonomous agents.
This move comes at a time when companies are moving from testing copilots to deploying agents capable of querying data, calling APIs, executing flows, and communicating with other systems. That leap increases risk. A misconfigured chatbot can leak information; an agent with excessive permissions can act as a privileged internal user, execute decisions at high speed, and leave an audit trail that’s difficult to follow if there’s no clear governance layer.
The AI Gateway as a new control point
Portkey presents itself as an AI gateway capable of monitoring, routing, and protecting transactions among models, agents, tools, and MCP servers. Palo Alto Networks states that the platform already processes trillions of tokens per month with low latency—a crucial requirement when agents respond not only to humans but also exchange information with each other and operate in real time.
The core idea is simple: if companies are to use dozens or hundreds of connected agents interacting with different models, databases, SaaS applications, and internal systems, they need a centralized place to enforce policies. This point cannot be limited to just logging calls. It must identify who makes each request, what model is used, what data is entering or leaving, which tool is invoked, and whether the action complies with security rules.
Palo Alto Networks envisions Portkey as that “control plane” within Prisma AIRS. Following the completion of the acquisition—expected in Palo Alto Networks’ Q4 fiscal 2026, if customary conditions are met—Portkey will serve as the AI Gateway for the platform. Financial terms of the deal have not been disclosed.
The purchase aligns with a growing trend: AI security is no longer limited to prompt review, red teaming models, or blocking harmful responses. The challenge is to safeguard the entire flow—models, data, agents, APIs, credentials, external tools, and automated decisions. That’s where an AI Gateway can become a critical component.
Autonomous agents: useful but with too many permissions
AI agents promise to automate repetitive tasks, accelerate operations, and reduce manual work. But their power comes precisely from their ability to act. They can read internal documentation, query ticketing systems, modify records, prepare reports, launch commands, open incidents, or interact with other agents. This creates a new attack surface.
Lee Klarich, Palo Alto Networks’ Chief Product and Technology Officer, explains from this perspective: when autonomous agents become part of a company’s digital ecosystem, they also become an unmanaged surface if not properly controlled. Integrating Portkey into Prisma AIRS aims to provide visibility into that agent traffic and enforce controls against new threats.
One of the most critical aspects is identity. In traditional security, there’s a focus on users, devices, and applications. With agents, another question arises: what identity does an agent have, what permissions should it have, who authorized it, which tools can it use, and what happens if it tries to do something outside its scope? Palo Alto Networks advocates for applying least privilege controls to each agent interaction—necessary when these systems operate near sensitive processes.
Reliability also matters. Portkey offers features like semantic routing, automatic failover, technical telemetry, audit logs, granular quotas, and caching techniques to manage costs. This is no small detail. In production, an agent cannot depend on a single failing model, which increases costs or responds with high latency. Companies need alternative routes, spending limits, and traceability.
| AI Agent Risks | What an AI Gateway Provides |
|---|---|
| Uncontrolled model usage | Centralized inventory and policies |
| Excessive permissions | Agent identity and least privilege |
| Data leaks | Traffic inspection and egress rules |
| Unexpected costs | Quotas, caching, and usage controls |
| Provider failures | Routing and failover |
| Lack of audit trail | Telemetry and logs of each interaction |
| Dispersed MCP tools | Controlled access and artifact management |
A purchase that strengthens Prisma AIRS
Palo Alto Networks has been working to position Prisma AIRS as a dedicated platform to secure AI applications, models, data, and agents. The acquisition of Portkey adds a layer focused on runtime protection—when agents are actively functioning and making decisions within real processes.
Previously, the company had taken steps in AI security by integrating Protect AI technologies into Prisma AIRS 2.0. With Portkey, it adds a closer-to-operation layer: a gateway through which calls to models, tools, MCP servers, and agents pass. This could help transform isolated experiments into more controlled deployments.
Rohit Agarwal, CEO and co-founder of Portkey, frames the acquisition as a balance between flexibility for developers and control for security teams. That tension is central to many enterprise AI initiatives. Technical teams want to test models, switch providers, connect tools, and move quickly. Security teams need visibility into what’s being used, with what data, under what permissions, and how to respond if something goes wrong.
The promise of a unified interface to manage over 3,000 LLMs and MCP tools addresses this need for order. But it also raises a market question: whoever controls the AI gateway could hold a highly valuable position within enterprise architecture. Just as firewalls, proxies, CASBs, and API gateways became control points earlier in infrastructure, AI Gateways aim to occupy that role in the era of agents.
For Palo Alto Networks, the deal makes strategic sense. AI security is beginning to be part of cybersecurity budgets, not just innovation teams. If agents are deployed across customer support, software development, operations, finance, or internal support, organizations will need auditable controls. The vendor that can integrate these controls with cloud security, identity management, SOC, and data protection will have an advantage.
Nonetheless, the acquisition doesn’t eliminate all risks. An AI Gateway can inspect, route, and enforce policies, but companies will still need proper permission management, sensitive data review, security testing, identity oversight, agent inventories, and a clear culture of human supervision. Technology aids governance but does not replace internal oversight.
The Portkey acquisition confirms that AI agent security is becoming a distinct category. Until recently, many viewed agents simply as extensions of corporate chatbots. Now, they’re seen as a new layer of automation capable of acting on critical systems. And when something can act, it must also be limited, auditable, and stoppable.
Frequently Asked Questions
What did Palo Alto Networks announce?
Palo Alto Networks announced its intent to acquire Portkey, a company specializing in AI Gateways to manage and protect AI agents.
What is an AI Gateway?
It’s an intermediate layer controlling traffic between applications, models, agents, and tools. It enables policy enforcement, interaction auditing, request routing, and risk mitigation.
How will Portkey be integrated?
Palo Alto Networks plans to turn Portkey into the AI Gateway for Prisma AIRS, their security platform for AI applications, models, data, and agents.
Why are AI agents sensitive?
Because they can act with high privileges on internal and external systems. Without control, they could leak data, perform unintended actions, or create security breaches.
via: Palo Alto