Palo Alto Networks has announced a definitive agreement to acquire Koi in a move aimed at addressing risks created by AI-driven workplace software. The company said modern AI agents operate with broad system permissions and direct access to sensitive information while often bypassing conventional defenses designed for malicious files. Attackers are increasingly exploiting agent frameworks through authentication bypass and API-based remote code execution, while spoofed identities and hijacked credentials turn automated processes into attack tools.
Following the transaction, Koi’s technology will integrate into Prisma AIRS and enhance Cortex XDR visibility across AI-related activity, helping organizations monitor plugins, scripts, and model artifacts that influence endpoint behavior. Chief Product and Technology Officer Lee Klarich stated, “AI agents and tools are the ultimate insiders. They have full access to your systems and data, but operate entirely outside the view of traditional security controls.”
He added that the acquisition would deliver the visibility and control needed to safely leverage AI. Koi Chief Executive Amit Assaraf said, “In an agentic-first world, traditional solutions are blind,” noting the partnership would extend protection to large enterprises. The companies expect the integration to help organizations deploy AI-based workflows while maintaining verifiable oversight and stronger endpoint safeguards.