Zsolt Vilhelm
08/21/2025

Fighting invisible threats – How does AI protect against AI?

Palo Alto Networks introduces AI Access Security, AI-SPM, and AI Runtime Security to combat modern AI-driven cyber threats, ensuring visibility, vulnerability management, and real-time attack prevention.

The artificial intelligence (AI) revolution is not only boosting productivity and innovation – we find ourselves in the midst of a new, invisible cyber arms race. Generative AI, especially large language models (LLMs), has become an integral part of everyday life and business processes. Document summarization, code generation, customer service chatbots—almost every organization today uses some form of AI solution, whether they know it or not.

Three recently introduced solutions from Palo Alto Networks—AI Access Security, AI-SPM (Security Posture Management), and AI Runtime Security—are specifically designed to protect against these modern, AI-centric threats. They not only detect and alert, but also proactively prevent data loss, manipulation, and malicious operations.

The dark side of AI – when technology falls into the hands of attackers

The linguistic sophistication of LLMs has taken social engineering attacks to a new level. Once upon a time, an email written in poor language would immediately give the phisher away – today, artificial intelligence can produce perfect language and style, even completely personalized. This is particularly dangerous in a corporate environment, where a single deceived user can open the door to attackers.

On the attacker side, so-called "dark" LLMs such as WormGPT and Evil Bart have already appeared. These are specifically trained to generate malicious code, attack scenarios, and exploit descriptions—with the same efficiency as legitimate models on the good side.

Prompt injection has also opened up a new front. The attacker manipulates the input so that the model bypasses its own built-in security restrictions and outputs prohibited information or performs undesirable operations. This can be technical in nature (e.g., car hacking instructions) or manipulative (inserting false data into the response).

Palo Alto Networks' approach – three pillars of AI security

Palo Alto Networks divides risks into three main areas and provides targeted technological solutions for each. The goal is not only to prevent attacks, but also to make the entire AI usage chain transparent, controllable, and secure.

1. AI Access Security – Visibility and data protection in AI use

AI Access Security is like a radar that detects all corporate AI applications—including those that the IT department is unaware of (shadow AI).

  • Full visibility: categorizes the AI tools in use, whether they are chatbots, code generators, image generators, or video creation platforms.
  • Real-time data filtering: the system recognizes sensitive information (e.g., social security number, credit card details) and blocks it from being transmitted to AI models.
  • Rule-based control: authorizes or prohibits the use of specific AI applications based on the company's security policies.
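The "real-time data filtering" bullet above is the part of AI Access Security that most readers want to see concretely. The following is an added illustration, not Palo Alto Networks' code and not a description of how the product is implemented: a small outbound-prompt filter that looks for two of the data classes named in the text (US social security numbers and payment card numbers), validates card candidates with the Luhn checksum to keep false positives down, and then either blocks the prompt or redacts the matches according to a policy setting. The sample prompt, the regular expressions and the policy names are all constructed for this example.

```python
import re
from dataclasses import dataclass

# Constructed sample: the kind of text a user might paste into a chatbot.
SAMPLE_PROMPT = (
    "Summarize this customer record: John Doe, SSN 123-45-6789, "
    "card 4111 1111 1111 1111, ticket #4242 opened on 2024-05-01."
)

# US SSN: rejects impossible area (000, 666, 9xx), group (00) and serial (0000) values.
SSN_RE = re.compile(r"\b(?!000|666|9\d{2})\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
# Payment card candidate: 13-19 digits, optionally separated by spaces or dashes.
# Too loose on its own, so every hit is confirmed with the Luhn checksum below.
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers (True for a valid number)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


@dataclass
class Finding:
    kind: str    # "ssn" or "card"
    start: int   # offset in the prompt
    end: int
    value: str


def scan_prompt(text: str):
    """Return all sensitive-data findings in the prompt, ordered by position."""
    findings = []
    for m in SSN_RE.finditer(text):
        findings.append(Finding("ssn", m.start(), m.end(), m.group()))
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):     # only report candidates that pass the checksum
            findings.append(Finding("card", m.start(), m.end(), m.group()))
    return sorted(findings, key=lambda f: f.start)


def redact(text: str, findings) -> str:
    """Replace each finding with a placeholder, preserving the rest of the prompt."""
    out, last = [], 0
    for f in findings:
        out.append(text[last:f.start])
        out.append(f"[{f.kind.upper()} REDACTED]")
        last = f.end
    out.append(text[last:])
    return "".join(out)


def enforce(text: str, policy: str = "block"):
    """Apply the (hypothetical) policy: 'block' drops the prompt, 'redact' masks it.

    Returns (verdict, text_to_forward); an empty string means nothing is sent.
    """
    findings = scan_prompt(text)
    if not findings:
        return "allow", text
    if policy == "redact":
        return "redact", redact(text, findings)
    return "block", ""


if __name__ == "__main__":
    for policy in ("block", "redact"):
        verdict, forwarded = enforce(SAMPLE_PROMPT, policy)
        print(f"{policy:6} -> {verdict}: {forwarded!r}")
```

A real deployment would add many more detectors (API keys, national ID formats, customer-specific identifiers) and log each finding with the user and application for the compliance audit the article mentions; the structure, detect then decide per policy, stays the same.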

This solution not only serves to reduce risks, but is also important from a legal and compliance perspective: it helps to ensure that the use of AI complies with data protection regulations and contractual commitments.

2. AI-SPM – Security situation overview of the AI ecosystem

Many people think of an AI application as a single LLM, but the reality is much more complex. A modern AI solution often involves a complete infrastructure:

  • hardware (GPUs, CPUs),
  • containers and orchestration platforms,
  • vector databases,
  • APIs and plugin modules,
  • real-time data sources.

The aim of AI-SPM is to map this complex ecosystem in its entirety and evaluate it from a security perspective.

  • Component inventory: displays all elements of the AI system.
  • Vulnerability analysis: reveals security gaps at the infrastructure and application levels.
  • Data connection mapping: shows which internal or external data sources the AI application accesses and how secure they are.
  • Risk prioritization: ranks threats so that the security team can start fixing the most critical issues first.

This feature is particularly useful for companies that develop their own AI applications or integrate them from third-party services.

3. AI Runtime Security – Protection against runtime attacks

Some attacks hit the AI system not during the development phase, but during live operation. AI Runtime Security is a Palo Alto Networks firewall specially optimized for AI environments, which provides:

  • Protection against prompt injection: blocks manipulated requests that attempt to circumvent the model's security restrictions.
  • Output inspection: filters out responses containing poisoned data, false information, or malicious URLs.
  • Container and cloud security: capable of controlling network communication between containerized AI components, even in cloud-based environments.
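To make the "output inspection" bullet concrete, here is an added example of one narrow check a runtime guard can perform on a model's response before it reaches the user: extracting every URL, flagging links whose host is outside an allowlist, and catching markdown links whose visible text is one URL while the target is another. This is illustrative code written for this article, not Palo Alto Networks' implementation; the allowlisted domains, the sample response and the verdict names are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist of domains the model is permitted to send users to.
ALLOWED_DOMAINS = {"docs.example.com", "support.example.com"}

# Constructed sample response: one legitimate link and one markdown link whose
# label looks trustworthy while the target host is not on the allowlist.
SAMPLE_RESPONSE = (
    "To reset your password visit https://support.example.com/reset. "
    "For the installer see "
    "[https://docs.example.com/install](http://downloads.untrusted-example.net/setup.exe)."
)

# Bare URLs; brackets and parentheses are excluded so markdown syntax ends a match.
URL_RE = re.compile(r"https?://[^\s<>()\[\]\"']+")
# Markdown links: [label](target)
MD_LINK_RE = re.compile(r"\[([^\]]+)\]\((https?://[^)\s]+)\)")
TRAILING_PUNCT = ".,;:!?"


def host_of(url: str) -> str:
    """Lower-cased hostname of a URL, with trailing sentence punctuation dropped."""
    return (urlsplit(url.rstrip(TRAILING_PUNCT)).hostname or "").lower()


def is_allowed(host: str) -> bool:
    """Exact match or subdomain of an allowlisted domain (no suffix tricks)."""
    return any(host == d or host.endswith("." + d) for d in ALLOWED_DOMAINS)


def inspect_output(response: str):
    """Return a list of (issue, url) tuples found in the model response."""
    issues = []
    for m in MD_LINK_RE.finditer(response):
        label, target = m.group(1), m.group(2)
        # A label that is itself a URL must point at the same host it displays.
        if label.startswith("http") and host_of(label) != host_of(target):
            issues.append(("mismatched_link", target))
    for m in URL_RE.finditer(response):
        url = m.group()
        if not is_allowed(host_of(url)):
            issues.append(("untrusted_url", url.rstrip(TRAILING_PUNCT)))
    return issues


def sanitize_output(response: str):
    """Decide what the user sees: ('allow', text) or ('modified', text with links removed)."""
    if not inspect_output(response):
        return "allow", response

    def repl(m):
        url = m.group().rstrip(TRAILING_PUNCT)
        trail = m.group()[len(url):]          # keep the sentence punctuation
        return (url if is_allowed(host_of(url)) else "[link removed]") + trail

    return "modified", URL_RE.sub(repl, response)


if __name__ == "__main__":
    for issue, url in inspect_output(SAMPLE_RESPONSE):
        print(f"{issue}: {url}")
    print(sanitize_output(SAMPLE_RESPONSE))
```

An allowlist is deliberately used instead of a blocklist of known-bad domains: a response-side guard cannot know every malicious host, but it can know the handful of hosts a given assistant should ever reference. The same inspection point is where checks for poisoned data or fabricated facts would plug in, although those need far more than a regular expression.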

This type of runtime protection is crucial, as attackers often attempt to cause damage through real-time manipulation.

OWASP Top 10 – now tailored to LLMs

For years, OWASP's traditional "Top 10" list has ranked the top security risks for web applications. With the rise of generative AI, OWASP has also published a Top 10 for LLM applications, which lists the most common vulnerabilities of large language models.

It is not surprising that prompt injection tops the list, but it is accompanied by issues such as output handling errors and unauthorized data access. Palo Alto Networks solutions—particularly AI-SPM and AI Runtime Security—cover several items on this list, significantly reducing the attack surface.

Summary – AI against AI

The development and integration of AI is no longer a competitive advantage, but a basic business requirement. However, cybersecurity cannot be left behind: defenses must evolve as quickly as the attack technology itself.

Palo Alto Networks' three new solutions—AI Access Security, AI-SPM, and AI Runtime Security—combine to form a defense system that:

  • provides full visibility into AI usage,
  • reveals the vulnerabilities of the AI ecosystem,
  • and blocks malicious operations in real time.

Artificial intelligence is one of the greatest opportunities of the future – and also one of the greatest risks. The question is not whether we use it, but how. Can we create value with it and protect it at the same time?
