AI Agents AI Gadgets & HW AI Models - LLM AI Open Source AI Security AI for Coding AI for Gaming AI for Images AI for Music AI for Videos Artificial Intelligence Editor's Choice NVIDIA AI Other News Robotics Tech Face-off Tech Satire

The De-Humanized Perimeter: Palo Alto Networks Bets $25 Billion on the Age of the AI Agent

By Artūras Malašauskas May 18, 2026 8 min read Share:
By integrating CyberArk, Koi, and Portkey into the new Idira platform, Palo Alto Networks is shifting the cybersecurity battlefield from human logins to the autonomous identities of AI agents.

If you've been watching the cybersecurity landscape lately, it’s clear the old perimeter-based defense is basically a relic. In a world where AI agents are doing everything from writing code to managing financial transactions, "logging in" has become the new "breaking in." Palo Alto Networks knows this better than anyone, and their latest move—the launch of the Idira identity security platform—is a massive bet that the future of security isn't just about firewalls, but about managing the sprawling mess of human and machine identities.

The headline here isn't just a new product name; it’s a masterclass in aggressive platformization. By officially integrating the heavy-hitting capabilities of CyberArk, which Palo Alto snatched up in a blockbuster Delmorgan & Co. $25 billion deal earlier this year, the company is effectively swallowing the identity market whole. But they didn't stop at traditional privileged access management (PAM). They’ve also tucked in tech from Koi and Portkey to address a very modern, very scary problem: the rise of autonomous AI agents.

The Agentic Identity Frontier

We’ve reached a weird tipping point where machine and AI identities outnumber human ones by a staggering 109 to 1, according to data cited by Investing.com . This is where Koi comes in. Acquired for roughly $400 million, Koi specializes in "Agentic Endpoint Security," designed to stop malicious scripts, rogue AI models, and browser extensions that traditional antivirus tools usually ignore. Think of it as a bouncer for the AI tools your developers are already using, like Claude Code or OpenClaw, ensuring these "agents" don't become the ultimate insider threat.

Then there's Portkey. If Koi is the bouncer at the endpoint, Portkey is the air traffic controller for AI traffic. As Palo Alto’s new AI Gateway, it monitors and secures trillions of tokens, acting as a central nervous system for every AI transaction. As noted by Palo Alto Networks, Portkey allows enterprises to move autonomous workloads into production without the terrifying "bill shock" or security gaps that usually come with scaling large language models.

Idira: One Platform to Rule Them All

Idira is the glue holding this all together. It’s essentially a rebranded and supercharged evolution of CyberArk, now woven into the broader Palo Alto ecosystem. For existing CyberArk customers, the shift might feel like a facelift at first—new logo, sleeker UI—but the underlying plumbing is significantly more powerful. It pushes the industry toward a "Zero Standing Privilege" model, where no one (and no thing) has permanent access to sensitive systems. Instead, access is granted just-in-time and revoked the second the task is done.

Why does this matter? Because 90% of organizations reported an identity-related breach last year, per Biometric Update. Attackers aren't hunting for software vulnerabilities as much as they are hunting for over-privileged credentials. By treating every identity—human, machine, or AI agent—as potentially privileged, Idira attempts to close the massive visibility gaps that have haunted CISOs for years.

In the end, Palo Alto Networks is doing what it does best: buying the best-of-breed players and folding them into a single, unified story. It’s a bold strategy that aims to make identity the center of the security universe. Whether enterprises are ready for this level of consolidation is one thing, but with AI agents quickly becoming the new workforce, they might not have much of a choice.

What Most Reports Miss: While the glossy press releases focus on the jaw-dropping $25 billion price tag for CyberArk, the real story isn't just about consolidation—it’s about the total "de-humanization" of the security perimeter. For years, we’ve talked about identity as if it were a person sitting at a desk with a password. But by pulling Koi and Portkey into the fold, Palo Alto Networks is admitting that the biggest threat to your enterprise isn't a phishing email sent to an employee; it’s an over-privileged, autonomous script making API calls in the middle of the night without any human oversight.

Industry insiders see this as the "end of the PAM era" as we know it. Privileged Access Management used to be a niche discipline for protecting the "keys to the kingdom"—the admin accounts. But in a cloud-native world, every microservice has a "key." When you look at the integration of Koi, you see a defensive posture that treats a browser extension with the same level of suspicion as a root admin. This is a massive cultural shift for IT departments who are used to giving their developers free rein over their local environments.

The Hidden Battle for the 'AI Gateway'

The addition of Portkey is perhaps the most strategic "chess move" in this entire rollout. While companies like Cloudflare and Zscaler are racing to secure the web, Palo Alto is racing to secure the inference. As LLMs become integrated into every workflow, the "AI Gateway" becomes the most valuable piece of real estate in the stack. It’s where data privacy, cost management, and prompt injection defense all meet. By embedding Portkey into Idira, Palo Alto is ensuring they aren't just protecting the user, but the very intelligence the user is interacting with.

From a stakeholder perspective, this creates a fascinating tension. CFOs are eyeing the consolidation with a mix of relief and anxiety; having "one throat to choke" for identity and network security simplifies the vendor list, but it also creates a level of vendor lock-in that is nearly impossible to escape. Meanwhile, DevOps teams are wary. They fear that the "Zero Standing Privilege" model, while secure, will act as a digital speed bump that slows down the deployment of the very AI agents Idira is designed to protect.

Historically, Palo Alto Networks has built its empire on the "platformization" of fragmented markets. They did it with firewalls, they did it with the cloud via Prisma, and now they are doing it with identity. The risk, of course, is the "all eggs in one basket" problem. If Idira becomes the single point of failure for an organization's human and machine identities, the stakes for Palo Alto's own internal security have never been higher. They aren't just selling a tool anymore; they are selling the trust required to let AI run the business.

Ultimately, this move signals that the "identity" of 2026 is no longer a static profile in an Active Directory. It is a fluid, high-velocity stream of permissions that needs to be granted and revoked in milliseconds. By merging CyberArk’s legacy of trust with Koi and Portkey’s modern edge, Palo Alto is betting that the only way to manage the AI-driven future is to automate the police just as fast as we've automated the workers.

Reading Between the Lines: The narrative being pushed here is one of seamless "platformization," but we need to talk about the inherent contradiction of securing AI with even more complexity. Palo Alto Networks is essentially pitching a "complexity firewall"—arguing that the only way to manage a sprawling, unmanageable identity crisis is to buy a single, even larger system to govern it. It’s a bold gamble that assumes the friction of "Zero Standing Privilege" won't eventually spark a shadow-IT rebellion among developers who just want their AI agents to work without requesting a digital hall pass every three seconds.

There is also the matter of the "integration debt" that often follows massive acquisitions. On paper, merging CyberArk’s legacy vaulting with Portkey’s high-velocity token management sounds like a symphony. In practice, these technologies come from different eras and were built with fundamentally different philosophies. One is built for the slow, methodical world of compliance; the other for the "move fast and break things" world of LLMs. Squaring that circle within the Idira interface without creating a bloated, sluggish "manager of managers" will be the real engineering hurdle over the next eighteen months.

The Monoculture Risk

Furthermore, we have to look at the systemic risk of the "Palo Alto Monoculture." As the company absorbs the functions of PAM, AI gateways, and endpoint security, they are becoming a single point of failure for the global digital economy. If an attacker finds a way to bypass Idira, they aren’t just into a single server; they effectively hold the permissions for every human and AI agent in the enterprise. For a platform built on the premise of "Zero Trust," it requires an immense—and perhaps ironic—amount of absolute trust in a single vendor.

Finally, there is the question of the "AI Agent" themselves. We are securing them as identities, but we still haven’t fully solved the problem of non-deterministic behavior. If an AI agent with "just-in-time" access decides to hallucinate a new cloud configuration while it has the keys, Idira will log the event perfectly, but it won't necessarily understand the intent behind the disaster. Securing an identity is easy; securing the logic of an autonomous entity is a frontier that even a $25 billion acquisition hasn't fully conquered yet.

"In our rush to give every AI script a badge and a background check, we’ve created a world where the bots have better credentials than the employees—and likely a much more efficient HR department to manage them."

Arturas Malas Artūras Malašauskas is an AI Systems Integrator with 20+ years of production-grade web engineering experience. He has designed, shipped, and scaled enterprise Python/PHP systems for logistics, SaaS, and public-sector clients. For the past year, he has focused exclusively on AI integrations: deploying open-source LLMs, building generative media pipelines (image, audio, video), and engineering multi-agent workflows for real production environments. His standard: reproducibility, security, cost-efficient inference—no vaporware. He documents and evaluates emerging AI tooling, separating verified capabilities from marketing noise. Technical editor at: muza-ai.eu, ai-verslas.lt, ai-naujinos.lt Connect on LinkedIn
Share:

Comments

Sign in to comment:
    <