
Palo Alto Networks' "Tomorrow, Secured" Recap: What Actually Matters for Practitioners

This post is sponsored by Palo Alto Networks. All opinions are my own. #ad

I attended Palo Alto Networks' Tomorrow, Secured event in San Francisco last week, and I want to cut through the keynote polish and talk about what actually shipped. Specifically, the announcements that practitioners are going to care about when they're back at their desks on Monday.

There were three major product areas covered: AI agent security, certificate and cryptographic trust management, and SASE innovations. Here's what caught my attention in each.

Next-Gen Trust Security

This one might not generate the most headlines, but it's the announcement I was most excited about as someone who has lived through the pain of certificate management at scale.

Palo Alto Networks announced Next-Gen Trust Security, which integrates CyberArk's Certificate Management and Zero-Touch PKI directly into their network security portfolio. The pitch is a network-native approach to enforcing certificate and cryptographic trust, and the details are what make it compelling.

You can discover certificates using live network telemetry. Not some agent-based scanner that misses half your infrastructure, but actual visibility derived from network traffic. You can prioritize risk based on active service exposure, so you're not chasing down certs on decommissioned boxes. Certificates get validated inline during traffic inspection. And issuance, renewal, and trust anchor transitions are automated without downtime.

If you've ever been on a war room call at 2 AM because an expired certificate took down a critical service, this is for you. If you've ever tried to maintain a certificate inventory across a sprawling enterprise and felt like you were losing, this is for you.

Moving certificate lifecycle management from a bolted-on afterthought to a network-native function is a meaningful architectural shift. It means your network enforcement layer actually understands and validates the cryptographic trust underpinning the traffic flowing through it, rather than treating certificates as someone else's problem.

This also positions organizations well for the coming transition to post-quantum cryptography, where managing certificate and trust anchor migrations at scale without downtime is not a nice-to-have.

Prisma AIRS 3.0: AI Agent Security Gets Real Tooling

AI agents are everywhere right now. Every company I talk to is either building them, deploying them, or trying to figure out how to govern the ones their developers spun up without telling anyone. The security story for these agents has been mostly hand-waving and fake sandboxes. Prisma AIRS 3.0 is Palo Alto Networks' answer to that, and it is more comprehensive than I expected.

The standout capabilities: Agent Artifact Scanning maps out your agentic architecture and finds vulnerabilities across it. Red Teaming for Agents lets you stress test and attack your agents to discover insecure behavior before someone else does. As AI systems move from assistance to action, identity and control become foundational. Agent Identity Security assigns verifiable, non-human identities to AI agents, enforces least-privilege access, and continuously validates what each agent is allowed to do. And the AI Agent Gateway provides centralized visibility, monitoring and enforcement of policy across all agent interactions at scale.

The attack surface for agentic AI is fundamentally different from traditional application security. Agents make autonomous decisions, chain tool calls together, and can interact with infrastructure in ways their developers didn't fully anticipate. Having platform-level tooling to scan, red team, and govern these agents is becoming table stakes for anyone serious about deploying them in production.

Prisma AIRS 3.0 also plans to integrate AI Endpoint Security (based on their KOI acquisition - yet to close) for securing agents running on endpoints, which rounds out the story from cloud to edge.

Prisma SASE: Agentic Browsing and AI Data Protection

The Prisma SASE updates are where the AI governance story meets the network. A few things stood out.

Prisma Browser now has agentic capabilities where organizations can plug in their LLM of choice, but with guardrails. That includes blocking prompt injection attacks to prevent agent hijacking and compliance controls that distinguish between human and automated AI tasks. That distinction is going to matter a lot as companies try to maintain audit trails in environments where both humans and agents are taking actions.

On the data protection side, Prisma SASE now secures sensitive data across GenAI tools and agents, specifically targeting leakage into shadow AI environments. Every security team I know is dealing with shadow AI right now. Employees are spinning up tools and feeding company data into them without going through any approval process. Having network-level visibility and control over that data flow is a practical step forward.

They also introduced AI-driven network operations to eliminate manual troubleshooting and reduce ticket fatigue, using AI agents to diagnose and resolve connectivity issues. It is the kind of incremental operational improvement that adds up fast when you are running a global network.

The Bigger Picture

The theme across all of these announcements is clear: Palo Alto Networks is building platform-level answers to AI agent security, identity, and governance rather than shipping point solutions. The certificate management play and the AI agent security play in particular feel like they are addressing problems that are already causing real pain for security teams, not hypothetical future concerns.

The full Tomorrow, Secured keynote is available on-demand here. Worth watching if you are evaluating your AI security posture or want to see what is shipping from one of the biggest players in the space.
