According to TechRepublic, cloud security firm Zscaler has acquired AI security startup SPLX to integrate AI protection directly into its Zero Trust Exchange platform. The financial details weren’t disclosed, but the timing looks strategic given companies are forecast to spend $375 billion on AI infrastructure in 2025 alone, a 67% jump from last year. SPLX, founded just last year in 2023, had raised about $9 million from LAUNCHub Ventures and Rain Capital before being acquired. Their technology focuses on identifying and securing AI models, workflows, and infrastructure across the entire lifecycle, including tackling the growing problem of “shadow AI” where employees use unauthorized AI tools. Zscaler CEO Jay Chaudhry stated the combination will secure “the entire AI lifecycle on one platform” by classifying, governing, and preventing loss of sensitive data across prompts, models, and outputs.
Sponsored content — provided for informational and promotional purposes.
<h2 id="ai-security-gap”>The AI security gap is massive
Here’s the thing – traditional security tools just weren’t built for AI’s unique challenges. They struggle with protecting sensitive data inside prompts, defending machine learning models from targeted attacks, and governing who can use what AI tools and when. Meanwhile, employees are spinning up unauthorized AI apps left and right to move faster, creating what security teams call “shadow AI” – blind spots that attackers absolutely love. Basically, innovation is creating massive security liabilities faster than most companies can keep up.
Why this acquisition actually matters
This isn’t just another boring corporate acquisition. Zscaler is building AI protection directly into the zero-trust architecture that companies are already using, which is smarter than trying to bolt on yet another point solution. SPLX brings some genuinely interesting tech to the table – their automated red-teaming ships with over 5,000 purpose-built attack simulations to probe AI systems and recommend fixes in real time. That shifts the mindset from patch-and-pray to test-and-harden, which is exactly what you need when dealing with autonomous systems that can make decisions without human intervention. The integration means asset discovery doesn’t stop at public apps but reaches into private models, code repositories, and those sprawling autonomous workflows that most security teams don’t even know exist.
Who wins and who loses here
Zscaler just got a serious edge in the race to secure enterprise AI. They’re embedding protection right where the traffic flows instead of making customers manage yet another security console. That’s bad news for standalone AI security startups who now have to compete against a platform player with massive distribution. But it’s great news for enterprises drowning in AI security concerns – they get a unified approach instead of playing whack-a-mole with different tools. SPLX CEO Kristian Kamber nailed it when he said they’ll secure “AI innovation at the speed organizations are adopting it.” Because let’s be real – the adoption train has left the station, and security is scrambling to catch up. Zscaler’s announcement positions them as the go-to for companies that want to innovate without creating security nightmares.
What comes next in AI security
We’re going to see more consolidation like this. A lot more. The big security platforms can’t afford to have AI security as a gap in their offerings, and acquiring specialized startups is faster than building from scratch. The real test will be how seamlessly Zscaler can integrate SPLX’s technology and whether they can keep pace as AI threats evolve. Because if there’s one thing we know about AI security, it’s that the attackers aren’t standing still either. This acquisition feels like the opening move in what’s going to be a very crowded, very competitive space.
