Palo Alto Networks and Koi have entered into a definitive agreement that will see Palo Alto Networks acquire the AI security innovator.
The move reflects growing concern around the risks posed by autonomous AI agents operating across enterprise systems.
The acquisition is designed to address what both companies describe as a critical new blind spot in enterprise security: the “Agentic Endpoint”. As artificial intelligence increasingly shapes workforce productivity, AI agents and tools now operate with deep access to sensitive data, broad system permissions and the ability to act independently. However, these agents frequently bypass traditional security controls. Financial terms of the deal were not disclosed.
Palo Alto Networks provides a wide range of cybersecurity solutions spanning network security, cloud security and AI-driven threat detection. Its platforms include Prisma AIRS™, an AI security offering, and Cortex XDR®, its endpoint detection and response solution. The company serves enterprises worldwide seeking to defend against increasingly sophisticated cyber threats.
Koi, meanwhile, pioneered the concept of Agentic Endpoint Security, focusing specifically on securing AI agents, plugins, scripts, packages and model artefacts that influence endpoint behaviour outside traditional oversight. Its technology is designed to give enterprises visibility and control over AI-native ecosystems, where agents can read, write and move data autonomously.
Following completion of the transaction, Koi’s capabilities will be integrated into Prisma AIRS™, expanding protection across AI-driven operations. At the same time, its technology will enhance Cortex XDR® by improving visibility into the evolving AI attack surface, supporting stronger security policies and malware prevention. The integration aims to enable enterprises to deploy AI agents and automation tools with greater confidence.
The companies argue that traditional security architectures were built to detect malicious files and executables. However, modern attackers are now chaining exploits within agent frameworks, including authentication bypass and API-based remote code execution, while spoofing agent identities and hijacking credentials. With extensions, plugins and scripts increasingly shaping endpoint behaviour, the risk landscape has shifted significantly.
Palo Alto Networks chief product & technology officer Lee Klarich said, “AI agents and tools are the ultimate insiders. They have full access to your systems and data, but operate entirely outside the view of traditional security controls. By acquiring Koi, we will be closing this gap and setting a new standard for endpoint security. We will give our customers the visibility and control required to safely harness the power of AI—ensuring that every agent, plugin, and script is governed, verified, and secure.”
Koi CEO and co-founder Amit Assaraf said, “We founded Koi to secure the next frontier of risk. In an agentic-first world, traditional solutions are blind. Joining forces with Palo Alto Networks will allow us to scale our technology to the world’s largest organizations, delivering protection that makes work on the modern AI-native endpoint secure by design.”
Find more on RegTech Analyst.
Keep up with all the latest FinTech news here
Copyright © 2026 FinTech Global
