Palo Alto Networks Acquires Koi, Defines New “Agentic Endpoint Security” Category

Summary

Palo Alto Networks has completed its acquisition of Koi, a move that establishes a new cybersecurity category the company calls Agentic Endpoint Security (AES). The acquisition directly addresses the expanding attack surface created by the rapid enterprise adoption of AI-powered coding agents and autonomous tools.

Koi’s technology will be integrated with Prisma AIRS to extend visibility and security to agentic AI on the endpoint, offering a single control plane for enterprise-wide AI adoption. Additionally, the acquisition enables a new module for Cortex XDR to identify and remediate risks within the AI software ecosystem. Koi’s capabilities will also remain available as a standalone product.

The announcement specifically calls out tools like Claude Code and OpenClaw as driving the productivity gains — and the security risks — that necessitate this new category of protection.

Source

Palo Alto Networks — Official Press Release

Commentary

This is one of the first major acquisitions that explicitly frames AI coding agents as an insider threat vector. Palo Alto isn’t wrong — agentic tools that operate with access to critical systems and sensitive data are essentially autonomous insiders with broad permissions. Traditional EDR was built for humans clicking things, not for AI agents executing thousands of file operations and API calls per hour.

The fact that a $100B+ security company is creating an entirely new product category around this tells you where the industry thinks the next wave of breaches is coming from. If you’re deploying coding agents in production without endpoint monitoring tuned for agentic behavior, this should be your wake-up call.