CybersecurityNetwork Security

Palo Alto Networks Bolsters AI Security With Portkey Acquisition

Analyst 207||Source: GovInfoSecurity
Modern tech facility interior with AI device prototype on display.

"We want all communication of agents to go through a centralized gateway," Executive Vice President of Network Security Anand Oswal told ISMG.

Palo Alto Networks moves to acquire Portkey

Palo Alto Networks plans to purchase Portkey, a San Francisco startup that builds an AI agent gateway designed to centralize and control communications among autonomous agents. Portkey was founded in 2023, employs 47 people and has raised $18 million in funding, including a recently completed $15 million Series A round led by Elevation Capital. The company has been led since its inception by Rohit Agarwal, who previously served two years as head of product for AI writing assistant Pepper and more than five years leading product management for Freshworks.

What Portkey’s gateway is designed to do

Palo Alto says Portkey funnels agent-to-agent and agent-to-service traffic through a single control point that supports observability, governance and runtime protections. According to Anand Oswal, the gateway can host an agent registry, enforce runtime and identity protections, and provide "complete observability of the entire steps along the chain." Palo Alto positions the gateway as the place to apply policy consistently across thousands of agent interactions that would otherwise produce fragmented visibility and inconsistent controls.

Technical posture: tokens, onboarding, and enterprise usage

Oswal described Portkey as a production-hardened solution already processing "trillions of tokens," a figure Palo Alto cites as evidence of scale and real-world readiness. He also highlighted the product's developer-friendly design and minimal onboarding friction as drivers of adoption. Portkey's open-source adoption has, Oswal said, encouraged widespread usage across organizations of varying sizes and — he claimed — "many large customers, Fortune 500 customers" are running it at scale.

Integration into Prisma AIRS and identity controls via CyberArk

Palo Alto plans to fold Portkey into its Prisma AIRS offering to create a unified platform for securing AI applications and agents across the lifecycle. Oswal described Prisma AIRS as spanning model scanning and red teaming to runtime protection and posture management; Portkey's gateway is intended to fill what Palo Alto calls a critical gap by providing centralized control during production. Oswal also emphasized the role of identity: Palo Alto intends to integrate identity controls through CyberArk to manage permissions, enforce least privilege, prevent misuse and enable just-in-time access for agents as they act autonomously.

Why Palo Alto is framing this as a security imperative

Portkey’s approach is framed around a simple risk: agents often require broad permissions to perform useful work, and those permissions can dramatically increase an environment's attack surface. Oswal explained that agents embedded on endpoints, in SaaS platforms or in cloud environments typically need access to local file systems, third-party repositories such as GitHub and the internet at large. "If a compromised agent could act with the same privileges as a user or system," Oswal said, "that dramatically increases the potential blast radius." The gateway, in Palo Alto's view, is the place to apply controls that reduce that blast radius by centralizing policy, monitoring and identity enforcement.

What this means for technologists, procurement leaders, and adversaries

  • Technologists and security teams: Expect a focus on runtime controls and observability — centralized agent registries, token inspection and identity-based enforcement are the features Palo Alto is prioritizing to monitor and manage agent behavior.
  • Procurement leaders and enterprises: The Portkey acquisition is being positioned as a production-ready component to integrate into broader AI security stacks (Prisma AIRS). Buyers evaluating agent governance tools will likely weigh claims of scale ("trillions of tokens") and enterprise adoption when considering procurement and deployment.
  • Adversaries and threat actors: Palo Alto frames the threat as the elevated blast radius created when autonomous agents have broad permissions. Centralizing traffic through a gateway aims to reduce opportunities for a compromised agent to move laterally or misuse credentials, changing the point of control and monitoring that adversaries would face.

Palo Alto's argument is straightforward: as agents proliferate and act with greater autonomy, a new architectural control point is needed. Portkey's gateway is being presented as that control point — integrated into Prisma AIRS and tied to identity controls via CyberArk — and Palo Alto points to scale and enterprise customers as proof points. The proposed acquisition reframes the security problem around centralized observability, policy enforcement and identity for machines as well as people.

Read the original report: Palo Alto Networks Targets AI Agent Gateway With Portkey Buy

Ai SecurityArtificial IntelligenceAutonomous AgentsEmerging ThreatsNetwork SecurityPalo Alto NetworksAcquisitionGatewayPortkey
Related Intelligence

Continue Reading

Rows of network equipment and cables in a well-lit server room with a central server or hardware appliance.

F5 Fixes Flaws in NGINX Open Source Enabling Remote Code Execution

F5 has issued urgent security updates for NGINX products after discovering two critical flaws, CVE-2026-42530 and CVE-2026-42055, that could allow remote code execution. These vulnerabilities, rated 9.2 on the CVSS v4 scale, pose a significant threat and require immediate attention to prevent exploitation.

Analyst 207
Control room operators monitor industrial systems amidst rows of screens and control panels.

Accenture Bolsters Industrial Cybersecurity with $4.18B Acquisition Spree

As Robert M. Lee aptly puts it, our critical infrastructure, from energy and water systems to manufacturing plants, is crying out for robust cybersecurity that can stay one step ahead of evolving threats - and failing to deliver it could have disastrous societal consequences. Accenture is answering the call with a whopping $4.18 billion investment to bolster industrial cybersecurity.

Analyst 207
Kubernetes management interface on a laptop screen in a data center background.

Google Exposes Flaw in Kubernetes Operator, Denies Bug Bounty

Google's security team initially praised researcher Justin O'Leary for uncovering a high-severity flaw, dubbed ConfigConfusion, in the Config Connector add-on for Kubernetes - only to later claim it wasn't a vulnerability at all and deny a bug bounty. The issue still lingers, leaving users of the open-source tool potentially exposed.

Analyst 207
Business professional looks concerned while holding laptop amidst scattered papers and office supplies.

Microsoft 365 Exposes Data Protection Gaps for Businesses

Microsoft 365 is a powerhouse for productivity, but it leaves data protection gaps that put businesses at risk. The harsh reality is that while Microsoft safeguards its infrastructure, the responsibility of protecting your business data - including backups and recovery - falls squarely on your shoulders.

Analyst 207