In the ongoing AI boom, the adoption and implementation of AI tools and agents is rapidly outpacing the rate at which governance instrumentation is being built to contain and manage them. Previously existing controls like zero trust network access (ZTNA), data loss prevention (DLP), and endpoint detection are blind to session-level AI interactions, making them functionally useless against many AI-enabled risks. As threats continue to advance and outstrip protective capabilities, the browser is emerging as the primary unmonitored surface in the enterprise stack, making it a site of increased risk.
Why Browser Security Arrived Late to the Zero Trust Conversation
Throughout the development of zero-trust architecture and principles, browser security has not been at the forefront of considerations. The foundations of Zero Trust matured around pillars of identity and network layers, rather than application-layer user behavior. Enterprise browser solutions historically have required full browser replacement, constituting a deployment barrier that stalled adoption for many organizations.
The overlay model used by security startup LayerX circumvents the difficulties of full browser replacement by offering support for popular commercial browsers. LayerX enables organizations to govern activity within existing browser environments without disrupting workflows. The technological capabilities of the platform provide real-time visibility and control of a wide range of user actions and interactions without the need for significant changes to an organization’s network infrastructure.
The Akamai Strategic Calculus
Cybersecurity and cloud computing company Akamai has announced a definitive agreement to acquire LayerX for around $205 million. This is the fourth such acquisition of an Israeli cybersecurity firm in the last five years, following the company’s purchases of Guardicore in 2021, NeoSec in 2023, and Noname in 2024. This pattern demonstrates where Akamai’s sights are set and where the company’s expansion efforts are focused.
The acquisition of LayerX integrates with ZTNA, AI runtime protection, and workload segmentation to close the growing gap in session-level governance that is continuously creating new risks. Akamai’s expectation that LayerX will have up to $10 million annual recurring revenue by year end signals early-market timing, giving an indication of upcoming trends in the industry and the category. This acquisition serves as a deliberate move to shape the architecture of this security category before it consolidates.
The Agentic Complication
There are many factors in the continuing development of the AI explosion that further intensify the challenges of governance in the AI era. Autonomous AI browsers like Atlas and Comet introduce non-human actors that operate in the same browser surface that employees do, muddying the waters of visibility and monitoring functionality. Agentic sessions are able to generate interactions with no human review—including prompts, file transfers, API calls—that existing policy frameworks cannot sufficiently adjudicate.
Browser-layer governance becomes the only viable control point when the "user" is an AI acting on behalf of a human. LayerX offers support for agentic browsers as they continue to develop and emerge on the market, attempting to address the rising challenges introduced by the adoption of these agentic platforms. The integration of sophisticated, browser-level visibility and governance into existing infrastructures is an important step in securing the age of agentic AI.
What This Means for Enterprise Security Leaders
Defenders and security leaders should look to this acquisition as a signal of where the market is heading and where security and governance efforts should be focused in the near future. The question is no longer whether to permit AI tool access—organizations are largely already doing so without proper security preparations—but whether visibility exists to effectively govern it after access is granted.
Procuring AI productivity tools without implementing corresponding session-layer controls creates compounding compliance issues and exposure. Browser governance is likely to become a standard pillar of Zero Trust in the near future, and organizations that treat it as optional are building AI strategies on an unaudited foundation.
