Running an AI agent inside a business without a security layer is a bit like wiring a new electrical system throughout a building and skipping the circuit breakers. The power is on, everything works, but nobody notices the problem until something overloads.
On April 30, 2026, Palo Alto Networks announced its intent to acquire Portkey, a startup that functions as that missing security layer, sitting between enterprise applications and AI model APIs to handle authentication, routing, and policy enforcement for AI traffic.
While the financial terms were not disclosed, the deal is expected to close in Palo Alto’s fourth fiscal quarter of 2026, pending regulatory approval. What makes this acquisition worth paying attention to is not just the companies involved, but the problem Palo is trying to solve and how urgently that problem has grown.
The Security Gap That Enterprises Created for Themselves
AI agents are no longer a pilot project in most large companies. According to the Gravitee State of AI Agent Security 2026 report, over 80% of technical teams have already moved past planning into active testing or production. Only 14.4% of those agents went live with full security and IT approval. This means the overwhelming majority of AI agents now running inside enterprise environments were deployed without proper security oversight.
The same Gravitee report also found that 88% of organizations confirmed or suspected AI agent security incidents in the past year. Yet only 21.9% of those organizations treat AI agents as independent, identity-bearing entities with their own access controls.
What Portkey Does and Why Palo Alto Wants It
Portkey’s architecture sits between enterprise applications and AI model APIs, providing routing, rate limiting, policy enforcement, and visibility into model interactions.
Founded in 2023 by Ayush Garg and Rohit Agarwal, Portkey’s platform acts as a single access layer for more than 1,600 AI models, and is already processing trillions of tokens every month for enterprise clients. That scale matters, and it is why Palo Alto wants to acquire a running infrastructure.
Following the close, Portkey will serve as the AI Gateway for Prisma AIRS, acting as what Palo Alto describes as the central nervous system that can monitor, route, and secure every AI transaction across the enterprise. As such, Palo Alto gets production-scale infrastructure rather than building the capability from the ground up.
Why This Deal Signals Something Bigger
Gartner predicts that as many as 40% of enterprise applications will incorporate task-specific AI agents by the end of 2026, and a Deloitte report anticipates that at least 75% of companies will use agentic AI to some extent by 2028.
Security teams have done solid work controlling which AI tools employees can access and which vendors pass procurement review. But that leaves the execution layer open. And in 2026, the execution layer is where AI agent attacks actually happen. When an agent calls an API, writes to a database, or triggers a workflow, most enterprises have no governance in place at that moment.
Palo Alto has framed this acquisition as a direct response to that gap. The company says fragmented security tools have forced organizations to choose between innovation and safety, and that integrating Portkey into Prisma AIRS is meant to remove that trade-off by giving enterprises visibility into all their agentic traffic while enabling them to control and protect against agentic threats.
What Comes Next
The plan is to integrate Portkey into Palo Alto’s Prisma AIRS platform, allowing businesses to monitor, route, and secure AI-driven transactions with stronger governance, identity controls, and runtime threat prevention.
Palo Alto recently introduced Prisma AIRS 3.0, describing it as the industry’s first platform to secure the entire agentic AI lifecycle. The Portkey acquisition will accelerate that roadmap by adding a full-feature AI Gateway as the unified control plane enterprises need to operationalize and secure AI apps and agents at scale.
The broader industry is moving in the same direction. CrowdStrike and Cisco have both moved to address the execution layer specifically, with Cisco’s AI Defense solution expanding in early 2026 to add runtime protections against tool abuse and supply chain manipulation.
The Portkey acquisition is Palo Alto placing a clear bet on where enterprise security spending will go next, especially while most companies are still figuring out how many agents they are actually running.
