When the industry first embraced secure access service edge (SASE), the promise was simple: a cloud-delivered platform that converges networking and security to provide secure access for any user, in any location, to any application. SASE was designed to simplify a fragmented world. At Palo Alto Networks, we didn't just meet that promise; we defined the standard. We are the only vendor to be named a leader in the Gartner® Magic Quadrant™ for SASE Platforms three times in a row.

Today, we are standing at another inflection point. For customers, the adoption of AI is tempered by the fear that rapid innovation might outpace the ability to protect their organization. At Palo Alto Networks, we believe security should remain consistent as you adopt AI.

Prisma SASE was designed from day one to be the future-ready foundation for the modern AI-driven enterprise. We built it on four core principles: defense-in-depth powered by Precision AI; flexible and distributed enforcement points for security; industry-leading performance and uptime; and a unified management console. Our recent milestone of crossing the $1.5 billion ARR mark for SASE reflects the trust customers have placed in us.

Today, I want to highlight some of the innovations we are delivering to customers, building on top of the strong foundation. Over the next few weeks, we will go deeper into each of these topics.

Shifting Reality for Customers

The rise of AI has redefined the nature of risk, rendering traditional, fragmented security models obsolete. We are seeing AI accelerate the volume and velocity of attacks, lowering the entry barrier for attackers while supercharging their efficiency. In fact, Unit 42® research shows that attack timelines have compressed from an average of 10 days to as little as 2.4 hours. By automating complex stages of the attack lifecycle, adversaries are turning what used to be week-long operations into machine-speed executions that happen in minutes.

A profound shift in our threat landscape compounds this speed. Data used to be structured and stored in known, predictable silos. SaaS disrupted that model, and AI has once again made it nearly impossible to track or govern sensitive information. As organizations race to capture the "AI dividend," data sprawl has created an exposure risk that legacy tools simply cannot track or control.

At the same time, we are rapidly moving from chatbots that suggest to agents that execute. Gartner projects that by the end of this year, 40% of enterprise applications will feature embedded agents, with 60% of all software interactions becoming agent-driven by 2028. These agents aren't just summarizing data; they are navigating SaaS apps and acting on behalf of users, a transition that brings novel threats like indirect prompt injection and shadow agents to the forefront.

The evolution to agentic workflows is concentrated in the new workspace: the browser. With nearly 85-100% of the modern workday spent within a web browser, the browser has become the main mode for adopting agents and one of the leading attack origination points today.

Lastly, beneath it all sits the threat of quantum computing where the harvest now, decrypt later (HNDL) reality means architectures built for yesterday are effectively obsolete if they aren't prepared for the post-quantum era.

Future-Proof Architectural Foundation

Our SASE platform is built on an architectural foundation that is ready for the next age of enterprise risk.

Powered by Precision AI^Ⓡ, our platform delivers universal zero trust through distributed and flexible enforcement points. We inspect traffic as close to the user as possible to ensure that whether your teams are at the corporate HQ, a remote branch, a coffee shop or working from home, they receive the same protection at their precise point of interaction. By natively integrating Prisma^Ⓡ Browser and extension directly into our SASE fabric, we also block encrypted, in-browser assembled attacks and zero-day browser exploits that traditional cybersecurity approaches cannot see.

This foundation is defined by unmatched performance and resilience. By leveraging global hyperscalers, we provide the massive scale and reach that modern organizations require. For specialized, high-performance and sensitive needs, SASE Private Location brings that same cloud-delivered resilience directly to your private campus.

All of this is anchored by unified operations, ensuring that as you adopt the future, our security architecture remains an accelerator for secure productivity rather than a bottleneck.

Innovating to Secure the AI Future

We have and continue to deliver the next wave of innovation to secure the complex ecosystem of AI interactions. A few highlights of the innovations we are delivering to our customers include the following five areas.

1. Securing the AI Lifecycle

Securing the AI journey requires a multifaceted strategy that addresses both how AI is consumed and how it is built. In many organizations, the attack surface expands silently as employees share sensitive data with unvetted shadow AI applications, or as developers ship models with unmanaged APIs and infrastructure. We believe the only way to manage this complexity is through a layered approach to governance that covers the entire lifecycle.

On the consumption side, AI Access Security™ provides the visibility and control required for the modern workforce. It allows you to discover every AI application in use, assess its risk and govern the data flowing into it to block AI-enabled threats in real-time. Simultaneously, for organizations building their own intelligence, Prisma^Ⓡ AIRS^TM secures the development pipeline. It protects the models, APIs, and underlying infrastructure throughout their lifecycle, ensuring that nothing reaches production without meeting your security standards.

Both tracks are unified in Strata Cloud Manager, a single pane of glass that eliminates the blind spots inherent in stitching together disconnected point products. As AI continues to move at machine speed, our unified approach ensures your security covers the whole picture without slowing down innovation.

2. Reinventing Data Security

Data is everywhere, and so is our protection. From SaaS applications and email to browsers, custom-built applications, endpoints, cloud storage and GenAI interactions, our platform is designed to deliver comprehensive coverage, ensuring sensitive data is governed consistently regardless of where it rests or moves. At the heart of this innovation is an AI-driven shadow data discovery and classification engine that automatically surfaces unknown and unmanaged data across your environment. By utilizing LLM and ML-based classifiers, we identify sensitive content with superior efficacy, delivering up to 10x fewer false positives than legacy signature-based approaches.

Our approach is anchored in the vision of a closed-loop data security system that unifies three critical pillars into a single, intelligently connected platform: data security posture management (DSPM), data loss prevention (DLP), and data detection and response (DDR). The future of data protection requires a continuous security loop that involves using DSPM to proactively discover shadow data and assess misconfigurations and integrating it with real-time DLP to enforce protection wherever data lives and as data moves. This synergy ensures that your security system doesn't just react to breaches but proactively classifies sensitive content at scale and enforces protection before data ever leaves authorized boundaries.

3. Securing Non-Human Identities (NHI)

We have reached a defining moment in cybersecurity where identity is no longer limited to human users and now encompasses a sprawling ecosystem of nonhuman identities (NHIs) that outnumber employees by nearly 80 to 1. These identities, including AI agents, must be treated as first-class citizens in SASE workflows as they remain the fastest-growing attack surface, are often hidden and dangerously overprivileged.

Prisma SASE addresses this directly by discovering and providing visibility into NHIs across enterprise SaaS applications, continuously assessing their posture to identify risk patterns and misconfigurations. Prisma SASE also drives remediations, including least-privileged enforcement, to ensure NHIs are governed with the same rigor as human identities.

As AI adoption accelerates, the attack surface now extends to the protocols these agents rely on: for example, the model context protocol (MCP) introduces a new class of network-layer risk. Prisma SASE extends inline enforcement to MCP traffic, giving security teams the ability to detect, inspect, and control MCP sessions in real time to help ensure the pipelines feeding your AI agents are policy-enforced end to end. With our acquisition of CyberArk, we are positioned to extend this same posture-driven, least-privilege approach beyond SaaS to cover the full spectrum of non-human identities anywhere across cloud, on-premises and in agentic environments.

4. Automating Deployment and Operations

A secure enterprise begins with a foundation that is built correctly from the very first minute. We are leveraging AI to bridge the Day-0 complexity gap, moving away from manual, error-prone setups toward autonomous deployment. By using AI-powered configuration assistants and predictive preflight checks, our platform can automatically discover your environment and immediately apply best practice policies. This ensures that no security or operational gaps exist from the moment you go live, allowing organizations to deploy bravely and at scale without the traditional friction of human-driven configuration.

Our customers have recognized our commitment to superior deployment and customer experience. Palo Alto Networks was recently named a Gartner® Peer Insights™ Customers’ Choice for Security Service Edge (SSE) with industry-leading ratings for deployment experience.

Once an infrastructure is live, the focus shifts to maintaining peak performance and security amidst a constant stream of Day-N changes. Through Strata Cloud Manager and our autonomous AI operations platform, Cortex® AgentiX^TM, we leverage enriched telemetry to not only watch your network, but proactively manage it. When an anomaly or operational gap is detected, our autonomous agents work to resolve the issue. We also provide multiple levels of control to build trust in these agentic actions. This shift eliminates the manual complexity, significantly reduces the total cost of ownership while ensuring that your security posture remains resilient at the speed of AI.

5. Fighting the Risk of Quantum Computing Breaking Today’s Security

The era of quantum computing is no longer a distant theoretical concern; it is a looming security reality that threatens the very core of modern encryption. This urgency is driven by HNDL tactics, where adversaries intercept encrypted data today to unlock its secrets once they possess quantum power.

Palo Alto Networks is already delivering a post-quantum cryptography (PQC)-ready SASE infrastructure today. We are ensuring that the entire SASE backbone is PQC-ready to protect data in transit against quantum threats.

Going beyond our own infrastructure, we ensure organizations can now gain deep insights into their own PQC-readiness, allowing them to identify vulnerable areas within their network through an automated cryptographic bill of materials (CBOM) that surfaces ZTNA applications still relying on vulnerable RSA/ECC encryption.

To proactively mitigate these risks, our agentic remediation capabilities automatically steer highly sensitive traffic like financial or R&D data to PQC-enabled gateways. Furthermore, we provide active Drift Detection to block crypto-drift, ensuring that misconfigured applications or malicious actors cannot downgrade connections to weaker, non-quantum-safe ciphers. By integrating these standards into our global, performant architecture, we provide a clear and confident path for organizations to thrive in a post-quantum world.

Supporting Our Customers in the AI Era

Ultimately, our mission is to prepare, support and secure our customers as they navigate this transformative era. We understand that the path to an AI-Ready Enterprise isn't just about deploying new features; it's about building a partnership rooted in resilience and innovation.

We know that as you adopt AI, the stakes get higher. That is why Palo Alto Networks is committed to being the partner that has your back. We are here to ensure that as your AI ambitions grow, your security posture only gets stronger, more autonomous and more resilient.

This blog is just the start of our journey. We haven't just prepared for the AI-driven future; we are already securing it. Let’s build the AI-Ready Enterprise together.

Gartner, Magic Quadrant for SASE Platforms, 9 July 2025, Jonathan Forest, Neil MacDonald, Dale Koeppen
The report was titled 'Magic Quadrant for Single-Vendor SASE in 2023-2024.

GARTNER is a registered trademark and service mark of Gartner and Magic Quadrant and Peer Insights are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.