F5 Launches AI Security Platform to Put Security Leaders in Control of Enterprise AI Risk

Key Terms

shadow ai technical

Shadow AI describes employees using artificial intelligence tools or services without formal approval, oversight, or integration into official systems — for example, personal subscriptions, free web apps, or browser add-ons. For investors this matters because these hidden tools can expose sensitive data, create compliance or legal problems, produce unreliable results, and lead to unexpected costs or reputational damage, much like an unapproved gadget in a factory that creates safety and billing surprises.

prompt injection technical

A prompt injection is a deliberate attempt to trick an AI system by inserting misleading or malicious instructions into the text it reads, causing the system to behave in unintended ways or reveal sensitive information. Like slipping a fake note into a stack of instructions, it matters to investors because it can lead to data breaches, regulatory breaches, faulty decisions, reputational damage, and unexpected costs for companies that rely on AI-driven tools.

agentic ai technical

Agentic AI refers to computer systems that can make their own decisions and take actions without needing someone to tell them what to do each time. It's like giving a robot a degree of independence to solve problems or achieve goals on its own, which matters because it could change how we work and interact with technology in everyday life.

air-gapped technical

A system described as air-gapped is physically isolated from public and private networks so it cannot be reached over the internet or company LAN, like a safe kept in a room with no phone line. For investors this matters because air-gapping reduces the risk that critical data, trading algorithms, backups or industrial controls will be accessed or tampered with by hackers, but it can also increase costs and slow information flow compared with connected systems.

data residency regulatory

Data residency describes the country or region where a company stores and processes its digital information, shaped by local laws and technical choices. Think of it like deciding which filing cabinet in which country holds a company’s important papers — that choice affects legal obligations, privacy protections, costs and how easily the company can move or share information. Investors watch data residency because it can create regulatory risk, compliance costs and constraints on expansion or cloud strategy.

runtime protection technical

Runtime protection is a set of security measures that monitor and block malicious activity while software or devices are actively running, much like a security guard watching a building in real time and stopping intruders as they appear. For investors, it matters because effective runtime protection reduces the risk of data breaches, service outages and regulatory fines, helping preserve a company's revenue, reputation and ongoing product reliability.

See more from StockTitan in Google Search and AI answers. Adds StockTitan as a preferred source · opens Google

Add on Google Not now

F5 acquires SurePath AI to enhance new AI Security Platform, tackle shadow AI risks, and deliver continuous visibility, governance, and protection for enterprise AI

SEATTLE--(BUSINESS WIRE)-- F5 (NASDAQ: FFIV), the global leader in delivering and securing every app and API, today introduced the F5 AI Security Platform to give CISOs continuous visibility, governance, and protection across enterprise AI applications, models, agents, and the APIs connecting them. F5 also announced the acquisition of SurePath AI, a pioneer in network-based AI discovery, intent classification, and shadow AI detection, as a key component in the launch of the new F5 AI Security Platform to safeguard enterprise AI deployments.

Through a continuous, adaptive loop approach to governing, discovering, testing, and protecting enterprise AI workloads, the new platform is designed to extend F5’s Application Delivery and Security Platform (ADSP) strategy to enterprise AI. As a global cybersecurity leader, F5 recognized the AI deployment realities of large enterprises, building the F5 AI Security Platform to support on-premises, air-gapped, private cloud, hybrid, and public cloud environments. This is intended to give organizations greater control over AI security where data residency, sovereignty, and operational requirements are non-negotiable.

AI systems now operate with more access, autonomy, and speed than even the most over-privileged human users, creating new risks for security teams and business leaders. A prompt injection, data leak, or agent acting beyond its authorized scope can expose sensitive information, disrupt operations, and erode customer trust.

At the same time, employees are adopting unauthorized tools and unsanctioned integrations, creating shadow AI footprints that most security teams cannot see, let alone govern. According to F5’s 2026 State of Application Strategy (SOAS) Report, 88% of organizations report at least one AI-related operational or security challenge.

“Most AI security today is a wrapper around a chatbot. That is not security,” said Kunal Anand, Chief Product Officer, F5. “Enterprises run AI inside regulated networks, behind APIs, and across agents that authenticate and act on their own. The F5 AI Security Platform gives CISOs and security leaders what they have been missing: continuous control over every model, agent, and API, wherever the AI runs, delivered on the same F5 platform that has secured and delivered enterprise applications for three decades.”

SurePath AI: Closing the AI visibility gap

The addition of SurePath AI powers the F5 AI Security Platform’s approach to network-based AI discovery, identifying AI usage across the enterprise, including shadow AI, without requiring direct application integrations. With frictionless deployment through network redirects and out-of-band analysis, SurePath AI gives security teams a unified visibility layer that detects unauthorized AI activity, classifies the intent behind each workflow, and continuously traces agent tool calls and MCP server connections. This visibility feeds directly into the F5 AI Security Platform, informing the risks to be tested by F5 AI Red Team and mitigated by F5 AI Guardrails.

Delivering a continuous cycle of protection

The F5 AI Security Platform addresses AI risk through four integrated pillars and an overarching observability layer that creates a persistent security lifecycle rather than a one-time compliance exercise. Features include:

• AI governance: Translate specific risk tolerances, privacy requirements, and regulatory obligations into enforceable boundaries for AI prompts, outputs, tool use, and data access.
• AI discovery: Gain continuous visibility into every AI application, agent, and MCP tool call running across the enterprise, whether sanctioned or not. The platform classifies activity by use case and intent, so teams know not just what is running but why. SurePath AI’s network-based discovery does this passively, with no application-level integration required.
• AI security testing: Stress-test AI systems against more than 140,000 attack patterns from the deepest AI threat database in the industry before those systems reach production, converting findings directly into enforceable defenses.
• AI runtime protection: Define guardrails in plain language and deploy them at the point of interaction, where the platform has demonstrated up to 98.2% security efficacy in independent testing, blocking prompt injection, excessive agent autonomy, and data leakage.
• AI observability: Provide a complete audit trail across every AI interaction on the platform, maintaining the accountability and traceability that regulated industries require.

The flexibility to deploy anywhere without compromise

With this new solution, F5 uniquely combines AI security capabilities with flexible deployment options, enabling enterprises to operate across on-premises, air-gapped, private cloud, hybrid, and public cloud deployments. This is especially valuable to CISOs in highly regulated industries with exacting data residency and sovereignty requirements. SurePath AI’s lightweight network-based deployment model reinforces this flexibility, requiring no changes to existing application architectures.

Heightened visibility is increasingly critical as AI agents proliferate. F5’s 2026 SOAS Report states 98% of organizations are preparing for agentic AI, but the speed of agent adoption is outpacing the controls designed to manage it. When agents can authenticate, call tools, access data, and take actions autonomously, the blast radius of a single misconfiguration or exploit grows exponentially.

Supporting resources

• F5 AI Security Platform – Details
• The F5 AI Security Platform: Eliminating the guesswork from AI security – F5 blog
• AI Summit: Accelerate AI adoption – F5 virtual event

About F5

F5, Inc. (NASDAQ: FFIV) is the global leader that delivers and secures every app. Backed by three decades of expertise, F5 has built the industry’s premier platform—F5 Application Delivery and Security Platform (ADSP)—to deliver and secure every app, every API, anywhere: on-premises, in the cloud, at the edge, and across hybrid, multicloud environments. F5 is committed to innovating and partnering with the world’s largest and most advanced organizations to deliver fast, available, and secure digital experiences. Together, we help each other thrive and bring a better digital world to life.

For more information visit f5.com
Explore F5 Labs threat research at f5.com/labs
Follow to learn more about F5, our partners, and technologies:
Blog | LinkedIn | X | YouTube | Instagram | Facebook

F5 and SurePath AI are trademarks, service marks, or tradenames of F5, Inc. or its affiliates in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260622960969/en/

Dan Sorensen
F5
(650) 228-4842
d.sorensen@f5.com

Holly Lancaster
We. Communications
(415) 547-7054
hlancaster@wecommunications.com

Source: F5, Inc.