Imagine your company's most sensitive data suddenly exposed because your AI system was tricked. That's the nightmare Thales is trying to prevent with its new AI Security Fabric. This isn't just another security patch; it's a fundamentally new approach to protecting AI-powered applications, especially those using Agentic AI and Large Language Models (LLMs).
Thales has officially launched its AI Security Fabric, offering, for the first time, runtime security specifically designed for Agentic AI and LLM-based applications. This is a big deal because these types of AI systems are becoming increasingly sophisticated and, therefore, increasingly vulnerable. The Fabric is designed to protect your valuable enterprise data and identities from the unique threats that AI introduces.
The core problem? AI's rapid growth is outpacing our ability to secure it. McKinsey reports that a whopping 78% of organizations are using AI in at least one business function, a significant jump from 55% just two years ago. And Thales’ own research shows that 73% of organizations are actively investing in AI-specific security tools. But are they investing in the right tools?
The AI Security Fabric tackles emerging AI-specific threats head-on. We're talking about things like prompt injection (where attackers manipulate the AI's instructions), data leakage (sensitive information being unintentionally revealed), model manipulation (tampering with the AI's core algorithms), and insecure Retrieval-Augmented Generation (RAG) pipelines (vulnerabilities in how AI retrieves and uses external data). These are complex issues, but Thales aims to make protecting against them simpler.
Thales is taking a phased approach, with even more robust security measures planned for 2026. The goal is to create a comprehensive security layer for AI ecosystems, enabling businesses to confidently scale their AI adoption across both cloud and on-premise environments.
So, what exactly can the AI Security Fabric do right now?
With the Thales AI Security Fabric, organizations can:
- Securely unlock AI-driven growth: Maximize the business value of AI by enabling innovation and expansion, while mitigating the risks of prompt injection, data leakage, model manipulation, and exposure of sensitive or regulated data. Think of it as building a secure foundation that lets you explore AI's potential without constantly worrying about a security breach.
- Protect data, applications, and identities end-to-end: Give Agentic AI and GenAI controlled access to datasets, deploy runtime security across cloud and on-premise environments, and safeguard all AI interactions with minimal integration effort. This means you can ensure that your AI systems are only accessing the data they need and that all communication is properly secured.
- Rely on enterprise-grade, standards-aligned protection: Leverage proven security capabilities that directly address the most critical OWASP Top 10 risks and prevent costly or reputation-damaging incidents before they impact the organization. This isn't just theoretical security; it's based on well-established industry standards.
The initial capabilities available immediately include:
- AI Application Security: This is a security solution designed to protect homegrown applications that use LLMs. It provides real-time protection against AI-specific threats. This covers prompt injection, jailbreaking, system prompt leakage, model denial-of-service attacks, sensitive information leakage, and content moderation. It's also designed to be flexible, with deployment options that fit any architecture, whether it's cloud-native, on-premise, or a hybrid environment.
- AI Retrieval-Augmented Generation (RAG) Security: This provides the ability to discover and secure sensitive structured and unstructured enterprise data before it's ingested into retrieval-augmented applications. It uses comprehensive data protection solutions, including encryption and key management. It also helps secure communication between the LLM and external data sources. And this is the part most people miss: securing the data before it even enters the AI system is crucial.
Sebastien Cano, Senior Vice President of Thales’ Cyber Security Products Business, emphasizes the need for specialized security, stating, "As AI reshapes business operations, organizations require security solutions tailored to the specific risks posed by Agentic AI and Gen AI applications. Thales AI Security Fabric provides enterprises specialized tools to secure AI applications, while minimizing operational complexity. With decades of security expertise, Thales enables businesses to confidently scale their AI adoption, safeguarding sensitive data, applications, and user interactions."
Looking ahead to 2026, Thales plans to expand the AI Security Fabric with even more advanced runtime security capabilities. These include data leakage prevention, a Model Context Protocol (MCP) security gateway, and end-to-end runtime access control. The goal is to strengthen protection across data flows, secure agentic AI data access, and ensure unified, compliant management of interactions between users, models, and data sources. But here's where it gets controversial... Some argue that relying too heavily on security protocols can stifle innovation and limit the potential of AI. What's your take?
About Thales:
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.
The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.
Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.
What do you think about Thales' new AI Security Fabric? Is it a necessary step in securing AI, or could it potentially hinder innovation? Share your thoughts in the comments below!
