The Palo Alto Networks Acquisition of Koi Security marks a significant move as Palo Alto Networks has announced its intent to acquire Koi Security, a fast-emerging cybersecurity startup focused on protecting what the company calls the “agentic endpoint.” The deal, valued at approximately $400 million, signals Palo Alto’s deepening investment in artificial intelligence-driven security as enterprises rapidly adopt autonomous AI agents across their systems.
The acquisition addresses a growing concern in the cybersecurity landscape: AI agents that operate with significant access privileges inside corporate environments. Unlike traditional malware, these agents are not inherently malicious. However, they can read, write, execute tasks, and interact with sensitive enterprise data often beyond the visibility of conventional endpoint protection tools.
Lee Klarich, Chief Product and Technology Officer at Palo Alto Networks, noted that legacy security frameworks were built to detect malicious files and abnormal user behavior, not autonomous AI systems acting with legitimate permissions. As organizations scale AI deployment, the security perimeter must evolve to monitor, control, and govern these intelligent systems in real time.
Koi Security has positioned itself at the forefront of this emerging category, developing technology designed specifically to analyze, monitor, and secure AI-driven operations at the endpoint level.
Integration Into Prisma AIRS and Cortex XDR
Under the proposed acquisition, the Palo Alto Networks Acquisition will bring Koi’s technology into its AI security platform, Prisma AIRS, as well as enhance its Cortex XDR endpoint protection suite. The goal is to create a unified system capable of identifying risky AI behavior, enforcing policy controls, and ensuring compliance across enterprise environments.
Koi’s platform focuses on providing visibility into AI agents, browser extensions, plugins, scripts, and other autonomous tools operating within endpoints. These elements can execute automated workflows and make decisions independently, creating potential security blind spots. By embedding Koi’s capabilities into its existing ecosystem, Palo Alto aims to deliver continuous monitoring and contextual risk assessment for AI-powered processes.
Amit Assaraf, CEO and co-founder of Koi Security, stated that joining Palo Alto Networks would allow the company to scale its innovation globally and accelerate adoption among large enterprises. He emphasized that security must be built directly into AI-native environments rather than layered on after deployment.
The acquisition is subject to customary closing conditions and is expected to finalize later this fiscal year.
Part of a Broader AI Security Expansion Strategy
The Palo Alto Networks Acquisitionl reflects a broader strategic shift at Palo Alto Networks as the cybersecurity industry adapts to AI-driven transformation. Enterprises worldwide are increasingly integrating generative AI, autonomous copilots, and workflow automation into daily operations. While these tools enhance productivity, they also introduce new categories of risk that traditional defenses were not designed to handle.
This acquisition follows Palo Alto Networks’ recent large-scale expansion efforts aimed at securing identity systems and cloud-native architectures in the AI era. Industry analysts view the Koi move as a logical extension of that strategy, focusing specifically on the endpoint, where AI agents directly interact with sensitive data and execute tasks.
As AI adoption accelerates, the Palo Alto Networks Acquisition positions the company to address the growing need to secure the “agentic endpoint.” By combining Koi’s specialized AI visibility tools with its own global cybersecurity infrastructure, Palo Alto Networks is positioning itself to define the next phase of enterprise endpoint protection.
More details on integration timelines and strategic direction are expected during the company’s upcoming earnings discussions.
