This year has seen a significant wave of AI-focused cybersecurity acquisitions as organizations increasingly seek to take advantage of the AI explosion to expand their capabilities and improve operations. With the growing prevalence of AI-empowered tools and platforms in enterprise environments, it is becoming more important than ever to invest in measures to defend against threats to AI operations. The next frontier in Zero Trust is AI lifecycle protection to ensure security of AI-enhanced tools over time.
The SPLX Advantage
AI security startup SPLX was founded in 2023 with the goal of aiding organizations in securing AI models and infrastructures throughout their lifecycle. The company’s technology stack includes a cloud-based AI security platform, proprietary AI/ML for attack simulations and real-time threat detection, and integrations with code repositories like GitHub. These tools allow for capabilities such as AI asset discovery, automated red teaming, runtime guardrails, governance, and prompt hardening.
Zscaler’s Strategic Integration
Zscaler’s acquisition of SPLX is a strategic move that complements the company’s existing capabilities. The integration of SPLX will expand the Zero Trust Exchange platform by adding functionalities that enable the security of AI investments across their entire lifecycles. The addition of features from SPLX has far-reaching implications for the future ability to secure AI models, chatbots, and agentic workflows as they shift over time.
“By combining SPLX’s technology with the intelligence of the Zscaler Zero Trust Exchange and its native data protection that classifies, governs, and prevents loss of sensitive data across prompts, models, and outputs, Zscaler will secure the entire AI lifecycle on one platform,” says Jay Chaudhry, CEO, Chairman, and Founder of Zscaler. “This will strengthen our industry leadership and give customers the confidence to safely embrace AI.”
The Broader Trend: Consolidation in AI Security
The acquisition of SPLX by Zscaler is just one such deal in a much larger industry trend toward AI security consolidation. Recent high-profile examples include SentinelOne’s acquisition of Prompt Security, Check Point’s acquisition of Lakera, CrowdStrike’s acquisition of Pangea, and Tenable’s acquisition of Apex Security. Organizations are increasingly investing in an emerging AI security stack to protect AI tools and operations across their lifecycles, from detection to governance.
Consolidation like this is growing more popular as companies move to combine the technologies and tools that will shape AI security. Reducing the volume of different tools deployed by an organization can help with visibility and management of crucial security processes, mitigating some of the problems of tool sprawl and complex security stacks. It can enable greater efficiency, unified data visibility, and more effective risk management.
Analysis – The Shift from Reactive to Autonomous Defense
The era of the AI explosion has led to a shift in the needs and priorities of many organizations, redefining traditional Zero Trust boundaries. With the rise of agentic AI and the new and evolving threats associated with the use of AI tools, the security principles of traditional Zero Trust must be updated to account for AI identities and capabilities.
Many organizations are attempting to move toward agentic, self-healing defense systems, powered by AI, with the sophisticated capabilities required to manage AI-related risks. The wave of acquisitions in AI security reflects a trend toward robust AI security that combines the expertise and capabilities of industry leaders. Large security vendors are racing to establish ownership of this layer of defense, as it may well define this era of cybersecurity.
The Next Battleground: Trust in AI Systems
Zscaler has a prominent position in shaping the landscape of AI security, and this acquisition is another major step with far-reaching impacts. Integrating the capabilities of SPLX’s technology stack is a significant move toward ensuring AI security in complex enterprise environments. Enterprise security strategies going into 2026 and onwards are likely to demonstrate a shift toward robust security throughout AI lifecycles.
