In today's digital landscape, APIs are the backbone of modern applications, and AI is the engine of innovation. As organizations increasingly rely on microservices and AI-powered features, the API gateway has become the critical control point for managing traffic. But as LLM/GenAI and MCP requests flow through these gateways, they bring a new wave of security challenges. How do you protect your organization from prompt injection, data leakage, and malicious outputs without disrupting the flow of innovation?

Palo Alto Networks and Kong are excited to answer that question by announcing the new integration between Prisma® AIRS™ and the Kong AI Gateway. By bringing the industry's most comprehensive AI security to the world's most popular API gateway, we are empowering organizations to secure their AI traffic at scale. This partnership provides a centralized enforcement point for AI security, allowing you to manage policies and protect your applications and agents without adding friction for your developers. It’s security at the speed of AI, allowing you to Deploy Bravely.

Why Kong AI Gateway?

Kong is a leader in API management, trusted by organizations worldwide to secure, connect, and manage their APIs and microservices. Kong Gateway acts as the central nervous system for application traffic, making it the ideal location to enforce security policies consistently and efficiently.

On top of the API gateway, Kong has developed [Kong AI Gateway](https://konghq.com/products/kong-ai-gateway)Kong AI Gateway to support GenAI infrastructures as well as emerging protocols like [Model Context Protocol (MCP)](https://konghq.com/blog/learning-center/what-is-mcp)Model Context Protocol (MCP).

Kong AI Gateway provides, natively, extensions, called plugins to implement AI-based use cases:

• AI Proxy Advanced plugin uses multi-LLM capability to abstract and load balance multiple LLM models based on semantic policies and others.
• Prompt engineering including AI Prompt Template, AI Prompt Decorator, and AI Semantic Prompt Guard plugins
• AI Semantic Cache plugin.
• AI Rate Limiting Advanced to implement token-based rate limiting policies
• RAG Injector to inject content from a vector database and create RAG pipelines
• LLM as Judge plugin enables automated evaluation of prompt-response pairs
• AI MCP Proxy converts APIs into MCP Tools and proxies MCP Servers.
• AI MCP OAuth2 implements OAuth2 authentication mechanisms for MCP Servers

Prisma AIRS: Real-Time AI Threat Prevention

Prisma AIRS delivers real-time, inline security for all your AI applications and agents by scanning all prompts, responses, and tool calls for threats.

A primary concern is prompt injection, where bad actors manipulate AI models with malicious inputs to hijack their functionality. Without protection, an organization's AI could be tricked into bypassing safety protocols, generating harmful content, or even executing unauthorized actions, creating a significant security liability. Prisma AIRS can detect and block prompt injection attacks that seek to manipulate your models.

Furthermore, AI models handle vast amounts of data, making data leakage a critical threat. The unintentional exposure of sensitive information — such as personally identifiable information (PII), financial records, or proprietary data — can lead to severe compliance violations, financial penalties, and a catastrophic loss of customer trust. Prisma AIRS helps prevent sensitive data leakage by blocking or redacting PII, financial information, and other confidential data.

Finally, ensuring that AI outputs are safe and free from malicious content is paramount. Unfiltered AI could generate harmful, biased, or even malicious code, which could then be used in your business applications. This not only poses a risk to your internal systems but could also expose your customers to dangerous content, possibly leading to issues including, but not limited to, legal and reputational damage. Prisma AIRS stops unsafe and malicious outputs, including harmful content and malicious code, and enables your AI models to produce only safe, ethical, and trustworthy results.

Better Together: Two Powerful Paths to AI Security

The Prisma AIRS integration with Kong is designed for flexibility, meeting you where you are in your AI security journey. There are two distinct methods for integrating Prisma AIRS with the Kong Gateway, allowing you to choose the approach that best fits your needs.

1. The Prisma AIRS Plugin for Kong Gateway

For the most comprehensive, bidirectional AI security, there's the Prisma AIRS Plugin. As a standard Kong plugin, it provides deep integration and robust protection.

Rather than relying on one-way security that only checks user inputs, this plugin offers bidirectional protection, inspecting both the prompts going to your LLMs and the responses coming back. For a business, this is a game-changer. By scanning upstream prompts, you can prevent threats, like prompt injection and sensitive data leakage, before they ever touch your models. This protects your models from being manipulated by malicious actors and safeguards customer and proprietary information, helping you avoid costly data breaches, compliance fines, and reputational damage.

Equally critical is the ability to scan downstream responses. AI models, if compromised or simply unmonitored, can generate malicious or unsafe content. Imagine a customer support chatbot accidentally providing a user with a phishing link or malicious code. This could directly expose your customers to harm, leading to legal liability and a complete erosion of trust. By analyzing all outputs, the plugin ensures that every piece of information your AI provides is safe, ethical, and aligned with your business standards.

Finally, the plugin enables centralized policy enforcement. Instead of managing security policies on a per-application basis, which is prone to error and inefficiency, you can now apply rich security policies across all your AI services from a single, central point within the Kong AI Gateway. This approach not only streamlines operations and reduces management overhead but also ensures that your security posture is consistent and scalable. For businesses, this means fewer security gaps, a more efficient security team, and the ability to confidently scale your AI adoption without sacrificing protection.

This is the recommended approach for organizations seeking the highest level of AI security and control.

2. The Prisma AIRS Request Callout

For organizations that need speed, simplicity, and flexibility, Prisma AIRS is leveraging Kong's new Request Callout plugin. This innovative method allows you to integrate Prisma AIRS by simply dropping a code snippet into your Kong configuration.

Rather than wrestling with configurations or plugin management, businesses can now secure their AI services by simply inserting a code snippet into their Kong API gateway configuration. This direct, UI + code-based approach provides immediate value, enabling teams to get their applications up and running with a critical layer of defense in a matter of minutes, not hours or days. For a business, this means a faster time to market for new AI-powered products and features.

The true business value of this approach lies in its ability to provide targeted security at the most critical point: the user's prompt. As user inputs travel through the API gateway, the Prisma AIRS Request Callout inspects them in real-time. This inline defense is specifically designed to stop prompt injection attacks — where bad actors try to manipulate your AI models — and prevent sensitive data leakage from user inputs before they ever reach the LLM. For an organization, this protection translates directly into reduced risk of data breaches, compliance violations, and reputational damage. It ensures that the AI applications are not only secure but also trustworthy for both the company and its users.

This simplified, developer-friendly workflow empowers your engineering teams to build and deploy with confidence. They don't need to become security experts or navigate a complex security framework. Instead, they can focus on what they do best: building innovative solutions, knowing that a foundational layer of security is already in place. This streamlined process not only accelerates development cycles but also lowers the operational overhead and potential for human error, ensuring that security is a seamless part of the development lifecycle rather than a roadblock.

This approach provides a fast and efficient way to secure your AI prompts, ensuring that only safe and compliant requests reach your models.

"Securing AI requires meeting customers where they are," said Jaimin Patel, Sr. Director of Product for Prisma AIRS at Palo Alto Networks. "Our integration with Kong is security at the speed of AI, allowing you to Deploy Bravely."

Get Started Today

The future of application development is built on AI and managed through API gateways. With the new Prisma AIRS integration for Kong AI Gateway, you no longer have to choose between speed and security.

Visit [Palo Alto Networks'](https://pan.dev/airs/)Palo Alto Networks' and [Kong](https://developer.konghq.com/plugins/)Kong's documentation portals to learn more about the integration and decide which method is right for you. Ready to see it in action? [Get a 30-day trial](http://cloud.konghq.com)Get a 30-day trial of Kong Konnect and request a [demo and start your free trial of Prisma AIRS](https://www.paloaltonetworks.com/get-started)demo and start your free trial of Prisma AIRS today.