Announcing the General Availability of Prisma AIRS AI Gateway

Every modern enterprise is moving from an organization run by software to one orchestrated by AI, creating a tension between velocity and control. To resolve this tension, organizations require a unified architecture. Today, we are announcing the general availability of the Prisma AIRS AI Gateway, the AI control plane for the enterprise. 

Driven by the absolute conviction that an AI Gateway is foundational to the modern AI infrastructure stack, we are bringing AI innovations from the Portkey acquisition to Prisma AIRS just six weeks after closing. You can now scale AI at machine speed without compromising on enterprise-grade security and control.

Our next-generation firewall telemetry reveals that MCP activity climbed from 11% late last year to 41.4% by mid-2026. Monthly AI transaction volume grew twelve-fold over the same six months; some individual sessions moved hundreds of megabytes of enterprise data outbound. The AI footprint you can govern today is the smallest it will ever be.

Some of the most rapid AI adoption is happening with – coding assistants, enterprise agents and copilots.

  • Coding agents access code repositories, file systems, configurations, and credentials. When this context, including source code and secrets, is sent to a frontier model, it risks exposing sensitive data, and a runaway loop could burn a fortune in tokens overnight.
  • Enterprise agents run with broad access and standing privileges sharing context with each other. A single agent stretched beyond its scope can massively increase the risk of data breach, impact business reputation and customer trust.
  • Copilots now sit inside the SaaS and productivity tools employees already use. Copilots with broad access can surface data an employee was never meant to see.

As this enterprise data leaves when an AI request goes out, it creates a security and governance challenge at an unprecedented scale and speed.

What breaks when every team adopts AI 

AI adoption rapidly outpaces the security and governance infrastructure meant to secure it:

  • Shadow AI (Cost and usage are both hidden): You can’t see the AI your teams already use or what it costs. 
  • Data Exposure (Sensitive data leaves without a trace): AI interactions can expose sensitive data, bypass policy and trigger unsafe outputs.
  • Agents Overstep (Actions run without accountability): Agents act across systems without clear identity, permission, or accountability. Keys get shared and agents run with broad, standing privileges, so no one can say which identity authorized a specific action or reverse it when an agent takes a wrong turn at machine speed.

Faced with this, most leaders either block traffic entirely or stay permissive and promise to govern later. Both approaches fail because they skip the critical step: seeing what agents do at runtime and controlling their actions while they happen.

To scale AI adoption safely, you need a single control plane sitting between every AI interaction and the backend models. Prisma AIRS AI Gateway brings AI governance, identity and runtime controls together in one place. With the AI Gateway, you can:

  • Discover AI usage: Know exactly which apps, models, users, teams and agents are active, what they are accessing, and what they cost in a single unified view.
  • Govern AI interactions: Enforce central rules for model access, tool use and budgets while inspecting prompts and responses inline to prevent data leaks.
  • Secure every agent: Verify agent identities and enforce just-in-time, least-privilege access so autonomous systems only touch what they need, when they need it.

Prisma AIRS AI Gateway sits inline between every AI interaction, model provider, and agentic interaction (Agent/AI App to LLMs, MCP Tool Calls, and A2A). It acts as a unified LLM, MCP, and A2A Gateway with a single enforcement point for all operational and security controls. Your teams keep using their existing coding assistants, enterprise agents, and copilots, while enforcement moves to the infrastructure layer where the platform team can own it.

Capabilities delivered through this unified control plane are:

Observability

Every request maps to a single unified view: tracking usage, users, projects, token counts, latency and cost so you can retire shadow AI infrastructure immediately.

Governance

Centrally define approved models, tools, and access without touching developer configurations. To drive FinOps and usage management, track every request’s cost, tokens, and latency by team or project. Answer cost questions instantly, shut down unsanctioned AI usage, and proactively enforce budgets and rate limits before access is granted.

Coding Assistant Security

Protect credentials, proprietary code and development systems from risky AI actions. The gateway replaces raw provider keys with scoped credentials per user and team.

Operational Controls

Apply data protection, usage limits and policy checks as AI interactions happen. Traffic distributes via a Universal API across providers ensuring quotas are enforced and outages never stall your pipeline.

Agent Identity Security

Establish trusted identities by binding a verifiable, ephemeral identity to agents at execution. The AI Gateway acts as an enforcement point to ensure only authenticated agents are allowed to make approved calls.

Runtime Security 

Powered by Prisma AIRS AI Runtime Security, the gateway inspects every prompt and response inline, stopping source code, secrets and customer data from leaving the network while neutralizing prompt injection attempts aligned with the OWASP LLM Top 10 and OWASP Top 10 for Agentic Applications.

the ai control plane of every enterprise

Prisma AIRS AI Gateway brings AI governance, identity and runtime controls together in one place. Point products filter text strings or route a single API call and they buckle under real enterprise volume.
Most products fail at scale. Prisma AIRS AI Gateway is built on an architecture tested in the most demanding enterprises for their ever evolving AI workloads: 

  • 68 Trillion+ tokens processed in the last month alone.
  • Sub-millisecond routing latency and inline inspection secures AI interactions without degrading user experience.
  • 99.999% availability ensures your AI operational pipeline does not experience a single point of failure.

Learn about Prisma AIRS AI Gateway and register for our webinar to see the AI Gateway in action.

Your developers have already adopted their agents. The agentic enterprise is a reality. As the recently named “company to beat” in AI Security Platforms by Gartner, Palo Alto Networks is uniquely positioned to help you. Let’s build it securely, together.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *