Palo Alto Networks, announced it has entered into a definitive agreement to acquire Koi, the pioneer of Agentic Endpoint Security, enabling organizations to gain visibility into-and protection for-the rapidly growing AI-native ecosystem that now defines modern work. As artificial intelligence reshapes workforce productivity, it is also creating a rapidly expanding and largely unmanaged attack surface across every endpoint. AI agents and tools-collectively known as the “agentic endpoint”-operate with deep access to sensitive enterprise data, broad permissions, and the ability to perform complex actions, often outside the visibility of traditional security controls.
The new imperative: Agentic Endpoint Security
Conventional endpoint security was designed to stop malicious files and known threats. Today’s AI agents and tools, however, can actively read, write, and move data while autonomously executing workflows across systems. Attackers are increasingly chaining exploits within agent frameworks-from authentication bypass to API-based remote code execution-while spoofing agent identities and hijacking credentials to weaponize trusted automation.
At the same time, the endpoint attack surface is expanding beyond traditional executables. Extensions, plugins, packages, scripts, and model artifacts now play a central role in shaping endpoint behavior, often outside centralized oversight. AI agents dramatically accelerate and operationalize this shift, compounding risk at machine speed. This transformation has created a critical blind spot in legacy security architectures-making a new category of protection essential: Agentic Endpoint Security.
Also Read: NVIDIA Accelerates Agentic AI with Blackwell Ultra Platform
After the completion of the acquisition, Koi’s Agentic Endpoint Security strengths will be incorporated into Palo Alto Networks’ Prisma AIRS™, its AI security offering, which will provide broader protection for key AI-related processes. At the same time, the integration will improve Cortex XDR® by bolstering its capabilities to monitor the AI-enhanced attack surface of endpoints, as well as improve security policy enforcement and malware protection.
“AI agents and tools are the ultimate insiders. They have full access to your systems and data, but operate entirely outside the view of traditional security controls. By acquiring Koi, we will be closing this gap and setting a new standard for endpoint security. We will give our customers the visibility and control required to safely harness the power of AI-ensuring that every agent, plugin, and script is governed, verified, and secure,” said Lee Klarich, Chief Product & Technology Officer, at Palo Alto Networks.
“We founded Koi to secure the next frontier of risk. In an agentic-first world, traditional solutions are blind. Joining forces with Palo Alto Networks will allow us to scale our technology to the world’s largest organizations, delivering protection that makes work on the modern AI-native endpoint secure by design,” Amit Assaraf, CEO and Co-Founder of Koi.