CrowdStrike, Palo Alto push AI defences

CrowdStrike, Palo Alto Networks and Google Cloud are all pitching a similar answer to the same problem: if companies are deploying AI agents, security teams need tools that can watch, test and sometimes act at machine speed. The push became more visible across April and May 2026 through Google Cloud Next, RSAC-season product launches and vendor blog posts. The common language was “agentic” or “autonomous” defense, but the products were aimed at specific tasks such as threat hunting, detection engineering, runtime controls and AI application governance. The clearest public marker came from Google Cloud Next on April 22. Google Cloud said it added three new agents in Google Security Operations that can help hunt threats, engineer detections and provide context on third parties, while also expanding security coverage with Wiz for AI and cloud applications. Google also said Model Armor can integrate with Agent Gateway and that new Agent Identities are meant to defend against “shadow AI.” (crowdstrike.com) ### Why are so many vendors talking about “autonomous response” now? Google Cloud’s April 22 announcements framed the market’s direction. The company said its new security agents are designed to automate work that analysts and detection engineers have traditionally done by hand, and partner material around Next described faster, more automated triage and remediation. (cloud.google.com) Palo Alto Networks made the same case from the AI application side. On March 23, it launched Prisma AIRS 3.0, saying the platform would secure organizations across the “agentic lifecycle,” including discovery, risk assessment and protection for autonomous agents. On April 30, Palo Alto said it planned to acquire Portkey so Prisma AIRS could add an AI Gateway as a unified control plane for AI apps and agents at scale. (cloud.google.com) ### What exactly is CrowdStrike selling into this shift? CrowdStrike’s April 23 announcement was less about a single dashboard and more about a coalition. The company launched Project QuiltWorks, describing it as an industry-wide effort to assess, prioritize and continuously remediate vulnerabilities in production code discovered by frontier AI models. CrowdStrike said the coalition included Accenture, EY, IBM Cybersecurity Services, Kroll and OpenAI at launch. (paloaltonetworks.com) On May 5, CrowdStrike expanded QuiltWorks with additional consulting and services partners including Cognizant, Infosys, KPMG, NTT DATA, Tata Consultancy Services and Wipro. The company said the effort was aimed at helping enterprises close what it called the AI vulnerability gap as organizations adopt AI systems more broadly. (crowdstrike.com) ### Where do Wiz, Varonis and Cisco fit in? Wiz used Google Cloud Next to highlight what it called “machine-speed” defense. In an April 22 post, Wiz said it was extending AI-APP coverage from AI-generated code through AI and agent studios to the cloud edge, and it described new integrations and “agentic remediation.” Google Cloud’s own Next post separately said expanded Wiz coverage would help customers build secure agents across clouds and AI studios. (businesswire.com) Varonis and Cisco have also put out current AI security material, though with different emphasis. Varonis said on March 17 that its Atlas platform gives organizations visibility and control over AI systems they build and run, and on May 21 it announced an integration with Anthropic’s Claude Compliance API. Cisco said in an April post that AI Defense was expanding to Google Cloud, and invited customers attending Google Cloud Next in Las Vegas to see the product in action. (wiz.io) ### So what is changing in practice for security teams? The product pages show the shift is moving from alerts toward controls embedded in AI workflows. Palo Alto says Prisma AIRS now covers AI agents, models, apps and data and includes agent security and runtime protections. Google says its SecOps agents can perform threat hunting and detection engineering tasks. CrowdStrike says QuiltWorks is focused on continuously remediating AI-discovered code vulnerabilities. (varonis.com) Cisco’s published framework adds another clue about where buyers are looking. The company says AI Defense maps to OWASP Top 10 for LLMs, MITRE ATLAS and the NIST adversarial machine learning taxonomy, suggesting customers are also asking vendors to tie automation claims to known control frameworks. Google Cloud Next materials from April 22 remain the most concrete public reference point for these launches, while CrowdStrike’s May 5 QuiltWorks expansion and Palo Alto’s pending Portkey integration are the next milestones to watch on company sites. (paloaltonetworks.com) (cloud.google.com) (blogs.cisco.com)