* [Blog](https://www.paloaltonetworks.com/blog)
* [Network Security](https://www.paloaltonetworks.com/blog/network-security/)
* [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/)
* Gaining Speed: Scaling AI...

# Gaining Speed: Scaling AI Without the Grinding Halt

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fgaining-speed-scaling-ai-without-the-grinding-halt%2F)  
[](https://twitter.com/share?text=Gaining+Speed%3A+Scaling+AI+Without+the+Grinding+Halt&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fgaining-speed-scaling-ai-without-the-grinding-halt%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fgaining-speed-scaling-ai-without-the-grinding-halt%2F&title=Gaining+Speed%3A+Scaling+AI+Without+the+Grinding+Halt&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/network-security/gaining-speed-scaling-ai-without-the-grinding-halt/&ts=markdown)  
\[\](mailto:?subject=Gaining Speed: Scaling AI Without the Grinding Halt)  
Link copied  
By [Erik Huckle](https://www.paloaltonetworks.com/blog/author/erik-huckle/?ts=markdown "Posts by Erik Huckle")  
Mar 17, 2026  
4 minutes  
[AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown)  
[AI red teaming](https://www.paloaltonetworks.com/blog/tag/ai-red-teaming/?ts=markdown)  
[Prisma AIRS](https://www.paloaltonetworks.com/blog/tag/prisma-airs/?ts=markdown)  
[Secure AI](https://www.paloaltonetworks.com/blog/tag/secure-ai/?ts=markdown)

There's an old military saying: "Slow is smooth, and smooth is fast." In the current race to deploy AI, most companies are doing the exact opposite. Many AI teams are moving lightning fast without the right security in place. The result is speed up front and a grinding halt down the road when something goes wrong.

Organizations are pulling countless models from Hugging Face, conducting sporadic [pen testing](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing?ts=markdown) and building AI applications in a vacuum. They hope existing guardrails will catch issues before they shut down the business. But as any security professional knows, you can't secure what you don't know about.

When AI development is jerky --- driven by "just trust me" promises rather than technical proof---you don't actually move faster. You just stop more abruptly when things break. At Palo Alto Networks, we believe Prisma^®^ AIRS^TM^ makes the AI lifecycle smooth, so your business can go fast.

# The Silent Accumulation of AI Risk

AI risk rarely announces itself with a single, obvious failure. Instead, it accumulates quietly across the lifecycle in areas that often appear routine.

1. Risks in the Model Layer

---------------------------

A developer might pull a model from a trusted public repository. It passes basic validation, yet embedded within it is a load-time exploit. Because there is no external callback or obvious indicator, traditional security tools find nothing to flag.

2. Security Gaps During Testing

-------------------------------

An [LLM](https://www.paloaltonetworks.com/cyberpedia/large-language-models-llm?ts=markdown) might pass a manual checklist or scripted tests, appearing production-ready. However, when evaluated using [AI Red Teaming](https://www.paloaltonetworks.com/cyberpedia/what-is-ai-red-teaming?ts=markdown), it behaves differently, revealing sensitive data when prompted in specific ways that human testers rarely anticipate.

3. Runtime Threats

------------------

Prompt injection attacks often bypass firewalls because the traffic itself isn't malicious at the network layer. The problem is semantic: the model [is being coerced](https://www.paloaltonetworks.com/cyberpedia/what-is-ai-red-teaming?ts=markdown) into producing unauthorized outputs, and traditional controls lack the context to recognize this in real time.

When a single model is compromised, it puts every downstream application at risk. The result is a full stop that pauses deployments and takes systems offline to audit the blast radius. Over time, this uncertainty erodes confidence for both engineering and security teams, creating friction that slows down innovation.

# The Practitioner Visibility Gap

For most organizations, slowing down AI adoption isn't an option. Yet, saying "yes" to open source and third-party models without understanding what you are deploying means operating blind.

Whether they are downloading pretrained models into S3 buckets, fine-tuning open-source versions, or building internally, dev teams are rapidly ingesting and developing lots of different types of AI assets.

Meanwhile, security teams are often left blind to the critical context of these models. Traditional tools designed to look for bad IPs or malware signatures don't have the needed context for this new AI space. They cannot detect a neural backdoor or a license conflict until the application is already in production.

# The Solution: A Test-Protect-Harden Loop

To scale securely, we must move beyond one-time manual assessments or point products that only secure one part of the lifecycle. [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) is built to support the full test-protect-harden cycle. This approach creates a repeatable loop that allows teams to test risk, protect production, and then continuously harden systems.

1. Establish a Baseline with AI Red Teaming

-------------------------------------------

We start by simulating attacker behavior against AI applications to uncover vulnerabilities before an adversary does. We establish a security baseline using an out-of-the-box attack library containing thousands of curated attack simulations from [prompt injection](https://www.paloaltonetworks.com/cyberpedia/what-is-a-prompt-injection-attack?ts=markdown) to toxic content. This provides technical proof of exactly where a model's guardrails fail, such as identifying a successful jailbreak string that leaks internal system instructions.

2. Secure the Environment with Runtime Security

-----------------------------------------------

Once a vulnerability is identified, we don't leave it to chance. We move to runtime security to protect the application in production. By applying a security profile to the API key, the system acts as a real-time proxy, inspecting every incoming prompt and outgoing response. This allows the platform to recognize threats contextually and block them instantly.

3. Continue Hardening with Feedback Loops

-----------------------------------------

Security isn't one and done. Attackers adapt, and so must your defenses. The goal isn't just to find vulnerabilities; it's to create a feedback loop. We take intelligence gathered from production attempts and feed it back into the testing suite. We simulate sophisticated, context-aware attacks to further refine security logics with a Red Teaming Agent which operates as a contextual attacker that reasons and attempts to find ways *around* current runtime filters.

# The Path Forward

Effective AI security doesn't slow teams down. It removes the friction that inevitably arises when blind spots turn into breaches. To learn more about how Prisma AIRS is helping AI teams deploy AI securely, check out our latest webinar series, [*Deploy Bravely in the Age of AI*.](https://www.paloaltonetworks.com/deploybravely?ts=markdown)

*** ** * ** ***

## Related Blogs

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown)

[#### Prevent Your AI from Becoming a Brand Liability](https://www.paloaltonetworks.com/blog/network-security/prevent-your-ai-from-becoming-a-brand-liability/)

### [AI Application Security](https://www.paloaltonetworks.com/blog/network-security/category/ai-application-security/?ts=markdown), [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown)

[#### Can Your AI Be Manipulated Into Generating Malware?](https://www.paloaltonetworks.com/blog/network-security/can-your-ai-be-manipulated-into-generating-malware/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown)

[#### Red Teaming Your AI Before Attackers Do](https://www.paloaltonetworks.com/blog/network-security/red-teaming-your-ai-before-attackers-do/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown)

[#### Securing Sensitive Data Across the AI Lifecycle from Access to Runtime](https://www.paloaltonetworks.com/blog/sase/securing-sensitive-data-across-the-ai-lifecycle-from-access-to-runtime/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown)

[#### Winning the AI Race Starts with the Right Security Platform](https://www.paloaltonetworks.com/blog/2025/12/winning-ai-race-starts-with-right-security-platform/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)

[#### Securing the AI Frontier: Prisma AIRS \& Claude Code](https://www.paloaltonetworks.com/blog/network-security/securing-the-ai-frontier-prisma-airs-claude-code/)

### Subscribe to Network Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language