Palo Alto Networks Acquires Koi to Secure the AI-Driven Attack Surface

Palo Alto Networks has finalized the acquisition of Koi, a strategic move designed to fortify its defenses against the burgeoning risks associated with the enterprise AI attack surface. As organizations rapidly integrate large language models (LLMs) and generative AI tools into their core operations, they are inadvertently opening new vectors for exploitation. This acquisition signals a critical shift in the cybersecurity landscape, where the focus is moving beyond traditional endpoint and cloud security toward the specialized protection of AI-driven workflows and the data that fuels them.

The concept of the AI attack surface encompasses a wide range of vulnerabilities that traditional security tools are often ill-equipped to handle. These include prompt injection attacks, where malicious inputs trick an LLM into bypassing safety filters, and the accidental leakage of proprietary data through employee interactions with public AI models. By bringing Koi’s specialized technology into its fold, Palo Alto Networks aims to provide a comprehensive security layer that can monitor, govern, and protect how AI models interact with sensitive corporate information. This is particularly vital for highly regulated industries like finance and healthcare, where the productivity gains of AI must be balanced against stringent data privacy requirements.

“

Palo Alto Networks has finalized the acquisition of Koi, a strategic move designed to fortify its defenses against the burgeoning risks associated with the enterprise AI attack surface.

Industry analysts view this acquisition as a key component of Palo Alto Networks’ broader platformization strategy. Under the leadership of CEO Nikesh Arora, the company has consistently sought to consolidate disparate security tools into a unified ecosystem, primarily through its Prisma Cloud and Cortex offerings. Integrating Koi’s capabilities will likely allow Palo Alto to offer advanced AI Security Posture Management (AI-SPM). This relatively new category helps Chief Information Security Officers (CISOs) gain visibility into which AI tools are being used across their organization, identify shadow AI, and enforce consistent security policies across all AI-integrated applications.

The move also places significant pressure on major competitors such as Zscaler and CrowdStrike, who are also racing to define the AI security category. While many firms have focused on using AI to improve threat detection—often referred to as AI for security—the acquisition of Koi emphasizes the urgent need for security for AI. As the volume of machine-to-machine communication increases, traditional perimeter-based defenses are becoming insufficient. The industry is moving toward a model where security is embedded directly into the AI inference path, providing real-time inspection of both inputs and outputs.

Looking ahead, the integration of Koi is expected to accelerate Palo Alto Networks' ability to offer real-time mitigation of AI-specific threats. This includes the ability to redact sensitive information before it reaches a public LLM and to detect adversarial attacks designed to poison training data or manipulate model behavior. For enterprise customers, the acquisition promises a more streamlined approach to AI adoption, providing the necessary guardrails to move from experimental pilots to full-scale production environments without compromising their security posture. As AI becomes the new operating system for the enterprise, securing that system has become the next major frontier in the cybersecurity arms race.