Securing the AI Frontier: Prisma AIRS & Claude Code

By  and
Nov 19, 2025
5 minutes
AI Security
Partners
Prisma AIRS
Secure AI

The age of AI is upon us, and with it, a new frontier of security challenges. As developers increasingly leverage large language models (LLMs) to build innovative applications, they also open the door to a new class of threats. From prompt injection and data leakage to malicious code generation, the potential attack surface is vast and constantly evolving. How can we empower developers to build securely in this new landscape, without stifling innovation or slowing down the development process?

The answer lies in building security into the AI development process from the beginning, making it an integral part of the development lifecycle. This is where the powerful combination of Palo Alto Networks Prisma AIRS™ API Intercept and Anthropic's Claude Code hooks comes into play. By integrating these two cutting-edge technologies, organizations can create a robust, proactive defense against AI-native threats directly within developers' workflows.

The Power of Proactive AI Security

In the rapid environment of modern AI development, security must be an enabler throughout the entire deployment process rather than a final checkpoint. Security must be embedded directly into the tools and processes that developers use every day to achieve robust threat prevention. Together, Prisma AIRS and Claude Code hooks can protect against prompt injection attacks, tool misuse, sensitive data loss and more.

Prisma AIRS API Intercept provides the real-time threat detection and prevention capabilities needed to secure AI applications at runtime. It acts as a security-as-code layer, allowing developers to programmatically scan prompts and model responses for a wide range of threats. With its model-agnostic design, Prisma AIRS can be seamlessly integrated with any AI model, providing consistent and comprehensive protection across the entire AI ecosystem.

Claude Code hooks enable automated, enforced security checks directly within the Claude Code development environment. Hooks are user-defined scripts that can be triggered at specific points in the Claude Code workflow. This allows organizations to create deterministic security controls, helping ensure that all prompts and tool calls are automatically scanned and validated before they are ever used.

Securing the AI Development Pipeline: Prisma AIRS Proactive Defense Capabilities

To truly establish proactive defense, a comprehensive security solution must address the full spectrum of AI-native threats that developers face. Prisma AIRS is designed to secure applications built with agents such as Claude Code by providing broad coverage against the most critical risks.

Prevent Direct and Indirect Prompt Injections

Prisma AIRS offers the broadest coverage with over 30 types of detection to help prevent malicious manipulation of the model’s behavior, especially critical when coding agents utilize web search or external data.

Command Injections

Preventing the model from executing unintended or harmful commands on the underlying system.

Malicious Scripts

Blocking the generation or execution of harmful code snippets.

MCP Vulnerability Exploits

Defending against threats that target MCP servers, such as tool misuse.

Sensitive Data Exposure

Ensuring that confidential information is not inadvertently exposed in prompts or model responses.

Malicious URL and FQDNs Ingested for Processing

Scanning and blocking the use of untrusted or known malicious web addresses that coding agents might encounter.

Prisma AIRS addresses these threats through flexible deployment models that integrate security directly into developers' workflows, covering both real-time interactions and deep, on-demand analysis.

Inline Prevention: Using AIRS API with Claude Code Hooks

For real-time, zero-trust security enforcement, the Prisma AIRS API Intercept integrates seamlessly with tools like Claude Code hooks. This integration provides inline prevention, acting as a deterministic security control layer within the model's request/response cycle.

  • Every user prompt and tool call is automatically scanned and validated before the AI model processes it.
  • Model responses and tool outputs, like WebFetch results, are scanned before they are returned to the user or used in subsequent steps.
  • If a threat is detected, the process is immediately stopped, preventing the attack from reaching the model or the developer’s environment. This method enables always-on security and immediate threat prevention.

On-demand Detection: Leveraging Prisma AIRS MCP Server

While inline prevention handles real-time traffic, a truly proactive security posture requires the ability to perform deeper, asynchronous analysis. Users can leverage Prisma AIRS as an MCP server for on-demand detection, enabling security scanning to be easily configured within customizable workflows.

This approach creates a flexible, layered security posture by enabling users to easily send specific data samples for analysis within a standard chat workflow to test verdicts. Using Prisma AIRS as an MCP server can also be used directly within agent workflows to perform analysis that is not dependent on the real-time API intercept and also provides a vital capability for comprehensive threat hunting, retrospective scanning and analysis of AI-native applications.

Figure 1: Scanning user input before processing by Claude Code

Figure 2: Scanning of both WebFetch and MCP requests and responses; processes stop if a threat is detected

Key Benefits of Prisma AIRS and Claude Code Integration

By integrating Prisma AIRS and Claude Code, organizations can detect and prevent threats at the earliest stage of the development lifecycle before they reach production. Security is seamlessly integrated into the developer's existing workflow, without adding unnecessary friction or complexity. Automated and reliable security checks remove the need for developers to run manual checks and approve every agent action. With Prisma AIRS advanced threat detection, organizations can proactively protect against a wide range of AI-native threats.

The Future of AI Security Is Proactive

As AI continues to transform the way we work and live, security must be woven into the fabric of AI applications. By combining real-time threat prevention capabilities from Prisma AIRS with the development-time automation of Claude Code, organizations can create a powerful and proactive defense against the next generation of cyberthreats. This integrated approach empowers developers to build confidently, knowing that they have the tools and processes in place to secure the AI frontier.

See the integration guide to get started with Prisma AIRS and Claude Code hooks.

 

Related Blogs

AI Security, AI Security, Announcement, Partners, Products and Services

Prisma AIRS Integrates Microsoft Foundry for Comprehensive AI Security

AI Security, AI Security, Partners

Enterprise-Grade AI Security: Prisma AIRS and TrueFoundry AI Gateway

AI Security, AI Security, Ignite, Partners

Secure the AI Factory with Palo Alto Networks & NVIDIA

AI Security, AI Security

Red Teaming Your AI Before Attackers Do

AI Security, AI Security

Beyond the Guardrail Trap: Securing Your AI Transformation

AI Security, AI Security

Beginner's Guide to AI Security with eBPF

Subscribe to Network Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts