Palo Alto Networks and Google Cloud have signed a multibillion‑dollar expansion of their partnership to secure the next wave of cloud and agentic AI adoption reportedly “approaching $10 billion,” it was announced on December 19. The deal tightens engineering, commercial, and infrastructure alignment between the two firms, with Palo Alto’s Prisma AIRS platform embedded more deeply into Google Cloud’s AI stack and Palo Alto migrating key internal workloads—as well as its own AI copilots—onto Vertex AI and Gemini.
The companies say the goal is to build security into every layer of hybrid multicloud infrastructure, every stage of application development, and every endpoint, so customers can ship AI applications at speed without leaving critical data and models exposed.
Why is the Palo Alto-Google Cloud Security Deal Impactful?
The agreement focuses on building security “from code to cloud,” combining Google Cloud’s AI and infrastructure services with Prisma AIRS, which Palo Alto positions as a comprehensive AI security layer.
For ERP and enterprise IT teams rolling out AI copilots, agent frameworks, and cloud-native extensions, the expanded partnership translates into several concrete pieces:
- End‑to‑end AI security on Google Cloud. Prisma AIRS will protect live AI workloads and data on Google Cloud, including Vertex AI and Agent Engine, with capabilities spanning AI posture management, AI Runtime Security for real‑time defense, AI Agent Security for autonomous systems, AI red teaming, and AI model vulnerability scanning. Palo Alto will also secure key developer tooling such as Google’s Agent Development Kit (ADK), aiming to make security a default part of AI agent build pipelines.
- AI‑driven firewalls and SASE. Deep integrations between Palo Alto’s VM‑Series virtual firewalls and Google Cloud will allow customers to apply consistent threat prevention policies across public, private, and hybrid clouds while accelerating Google Cloud adoption. Prisma SASE—Palo Alto’s secure access service edge platform—already runs on Google’s network; the partners plan to lean on Google Cloud Interconnect to help customers connect WAN infrastructure across multiple clouds and maintain unified policies as users access AI‑heavy applications on Google Cloud.
- Unified security experience. Solutions will be “pre‑vetted and engineered to work together,” the firms say, reducing integration friction and giving customers a single view of security posture across hybrid multicloud estates. For overstretched security teams already juggling multiple CNAPP, XDR, and SIEM tools, that consolidation pitch will be as important as the underlying AI features.
Palo Alto President BJ Jenkins framed the move as an answer to a question many boards are now asking: how to exploit AI without inviting new classes of attack. “We’re removing the friction between security and development, providing a unified platform where the most advanced security is simply a native part of building what’s next,” Jenkins said, adding that embedding AI‑powered security “deep into the Google Cloud fabric” effectively turns the platform itself into a proactive defense system.
Matt Renner, president and chief revenue officer at Google Cloud, said joint customers increasingly want Epic‑style “one stack” simplicity for cloud and security, noting the expansion will “ensure that our joint customers have access to the right solutions to secure their most critical AI infrastructure and develop new AI agents with security built in from the start.”
AI Attacks Drive Cloud Security to Breaking Point
The announcement lands days after Palo Alto’s latest State of Cloud Security report was released, which found that 99% of respondents reported at least one attack on their AI systems in the past 12 months, ranging from theft of data via AI assistants to abuse of exposed model endpoints and compromised credentials.
The report also highlighted a 41% rise in API attacks year on year, as AI and agentic architectures rely more heavily on APIs to orchestrate tasks across cloud services and SaaS applications. Identity remains a persistent weak point, with 53% of organizations citing overly permissive IAM as a top challenge in their cloud environments.
Palo Alto’s Unit 42 research team has further warned about emerging agent‑to‑agent attack chains and advanced prompt injection techniques that exploit the very orchestration patterns enterprises are now piloting.
What This Means for ERP Insiders
AI security will be a platform decision, not just a tool choice. As hyperscalers and security vendors knit their roadmaps together, choosing Google Cloud increasingly implies standardizing on Prisma AIRS, Prisma SASE, and related tooling as the reference AI‑security stack. ERP and application leaders building on Google Cloud will need to evaluate not only point features, but how these end‑to‑end controls align with their own identity models, data‑residency requirements, and multi‑cloud strategies.
APIs and identities around ERP will become prime AI targets. With API‑driven integration central to connecting ERP, CRM, and AI agents, the 41% increase in API attacks and widespread identity access management weaknesses point to a growing risk at the seams between systems, rather than in any one application. ERP teams exposing services to agent frameworks on Google Cloud will need to tighten API governance, least‑privilege access, and runtime monitoring, rather than assuming that “cloud‑native” automatically means “secure‑by‑default.”
Consolidated observability and governance will matter more than ever. The partners’ promise of a simplified, pre‑integrated security experience speaks directly to security operations centers already juggling CNAPP, XDR, SIEM, and custom dashboards. For ERP leaders, the practical question is whether this consolidation gives line‑of‑business and security teams a single, actionable view of risks to critical processes—from AI‑driven invoice processing to autonomous supply‑chain agents—or simply adds another console to an already crowded screen.
