Palo Alto touts agentic AI defenses
- Palo Alto Networks is pitching a broader “agentic AI” security stack, tying Cortex XSIAM automation to CyberArk identity controls after closing that acquisition.
- The sharpest detail is the CyberArk deal itself — a $25 billion bet that AI agents will need privileged-access controls, not just faster SOC alerts.
- This matters because rivals like CrowdStrike are selling agentic SOC tools too, turning AI-era security into a platform fight.

Security vendors are starting to talk about AI agents the way they used to talk about cloud workloads — as a new thing that needs its own control plane. That is the real story here. Palo Alto Networks is not just saying “our SOC uses AI.” It is trying to stitch together identity security, detection, and automated response into one pitch for the agentic era. The big change is that CyberArk is no longer just a partner in that story — it is now inside the company, and Palo Alto is framing that combination as a way to secure both human users and software agents.

### What is Palo Alto actually selling?

Basically, Palo Alto is saying the modern SOC should run on Cortex XSIAM, with AI doing more of the triage, investigation, and response work automatically. The company’s current marketing leans hard on “fight AI with AI,” and XSIAM 3.0 adds proactive exposure management and advanced email security on top of the broader SecOps platform. The pitch is not a single point product, XDR, SOAR, and more into one workflow.

### Why does CyberArk matter so much?

Because AI agents need identities, credentials, and permissions. That is the awkward part of the agentic-AI boom — a helpful autonomous agent can look a lot like a very dangerous insider if it gets broad access and goes off script. CyberArk has long been the big name in privileged access and identity security, and its site now says plainly that it is the platform for the AI era. That gives Palo Alto something more concrete than generic “AI safety” language. It gives the company a way to say it can govern what agents are allowed to touch.

### So is this new, or just a repackaging?

Both. The XSIAM automation story has been building for a while, and Palo Alto was already talking about the autonomous SOC through 2025. But the CyberArk acquisition changes the shape of the argument. Before, Palo Alto could say it had AI-driven operations. Now it can say it also owns the identity and privilege layer that agentic systems will depend on. That is a stronger argument when the risk becomes real-world damage.

### Where does CrowdStrike fit in?

CrowdStrike is pushing almost the same macro thesis from the other side. It has been rolling out Charlotte AI Agentic Workflows, Agentic Response, agentic cloud detection and response, and even Agentic MDR services. It also has Falcon AIDR, which is explicitly framed as AI Detection and Response operating system for AI-era defense.

### Why are buyers paying attention now?

Because the attack timeline is shrinking. Palo Alto says adversarial AI is speeding up reconnaissance and exfiltration, with scans for new vulnerabilities happening in minutes and data theft in under two hours. CrowdStrike’s 2026 AIDR page says AI-enabled adversaries drove an 89% increase if attackers automate the whole chain.

### What is the catch?

The catch is that “agentic AI defense” still means a lot of bundling, roadmap promises, and vendor-defined categories. Buyers have to separate three things: AI that helps analysts, AI that takes actions, and controls that limit what AI agents can do in the first place. Those are related, but they are not the same product.

### Bottom line?

Palo Alto’s frames it as the identity story. Put together, Palo Alto is arguing that securing