Recently, he said, there have been news reports that AI agents created by firms caused hacks within their own companies. He didn’t cite specific examples, but last week Meta said there had been a severe internal security breach after an autonomous AI agent exposed sensitive company and user data to unauthorized employees for two hours.
In the future, if agents in the enterprise are more than a fad, Arora said, “there will be millions of agents traversing enterprise architectures, trying to execute on their behalf — both agents delegated by people like you and me, and autonomously. I can’t imagine meeting a CEO in the last three months who does not have some aspiration to start having agents effectively doing tasks within the enterprise. It’s slow going, but the intention is there. And I can see many system integrators and consultants out there advocating and helping customers with that migration.”
But, he added, there are risks. To meet them, Prisma AIRS 3.0 will allow admins to safely deploy AI applications, he said. To increase visibility, the platform will identify agents running in cloud environments, on SaaS platforms and locally on endpoints. A capability called Agent Artifact Security maps out an agent’s architecture and scans for vulnerabilities, and another capability called AI Red Teaming for Agents simulates context-aware agentic attacks, discovers AI-related vulnerabilities, and recommends runtime security policies.
