Thales Introduces AI Security Fabric for Runtime Protection

Thales has unveiled its AI Security Fabric, a new platform that introduces runtime security measures tailored for agentic AI systems and applications powered by large language models (LLMs). This solution targets protections for enterprise data and user identities amid rising AI-specific vulnerabilities. Organizations deploying generative AI face challenges like prompt injection attacks, unintended data exposure, alterations to AI models, and weaknesses in retrieval-augmented generation (RAG) pipelines. The platform equips businesses to address these issues while pursuing AI-driven efficiencies and regulatory adherence.

AI adoption continues to accelerate across sectors. A McKinsey survey indicates that 78% of companies now integrate AI into at least one function, compared to 55% two years prior. This surge has prompted 73% of those organizations to allocate resources—either new funding or reallocations—for specialized AI security measures, as detailed in the 2025 Thales Data Threat Report. Such investments reflect the dual nature of AI: a catalyst for operational transformation alongside novel risk profiles that traditional cybersecurity often overlooks.

Core Components of the AI Security Fabric

The initial release of Thales’ AI Security Fabric focuses on securing both the central infrastructure and peripheral elements of enterprise AI deployments. It operates across cloud, on-premises, and hybrid setups, emphasizing minimal disruption during integration.

AI Application Security

This module safeguards custom-built applications relying on LLMs. It delivers real-time defenses against threats unique to AI environments, such as prompt injection—where malicious inputs trick models into unauthorized actions—jailbreaking techniques that bypass safeguards, leaks of system prompts, denial-of-service attacks targeting models, disclosure of confidential data, and failures in content moderation.

Deployment flexibility stands out: the solution adapts to cloud-native infrastructures, legacy on-premises systems, or mixed configurations. Enterprises can embed these protections without overhauling existing architectures, ensuring continuous monitoring of AI interactions.

AI Retrieval-Augmented Generation Security

RAG enhances LLMs by pulling in external data for more accurate responses, but it introduces risks if sensitive information enters unsecured pipelines. Thales’ RAG security identifies and protects structured and unstructured data prior to ingestion. It incorporates encryption, key management, and secure channels between LLMs and data sources.

This approach prevents exposure during the retrieval process, a common vector for breaches. By scanning datasets upfront, organizations maintain control over what feeds into AI decision-making, aligning with data governance standards.

Strategic Benefits for Enterprises

The AI Security Fabric enables companies to harness AI’s potential without compromising security postures.

It facilitates secure innovation by neutralizing risks that could derail deployments, such as manipulation of model outputs or leakage of proprietary information. End-to-end coverage extends to data flows, application layers, and identity verification, creating a unified shield.

Alignment with industry benchmarks adds reliability. The platform counters key threats outlined in the OWASP Top 10 for LLMs, including supply chain compromises and overreliance on models. This standards-based framework helps avert incidents that could lead to financial losses or reputational harm.

Sebastien Cano, Senior Vice President of Cyber Security Products at Thales, emphasized the need for specialized defenses. “As AI fundamentally alters business processes, companies demand protections calibrated to agentic AI and generative applications,” he stated. “Our AI Security Fabric provides targeted safeguards with low operational overhead, drawing on longstanding expertise to support scalable AI use while protecting data, apps, and interactions.”

Upcoming Enhancements in 2026

Thales outlines a roadmap to evolve the platform into a fuller security stack. Planned additions include data leakage prevention tools to monitor and block unauthorized outflows during AI operations. A Model Context Protocol (MCP) security gateway will manage interactions in agentic systems, where AI agents autonomously handle tasks.

Further features encompass runtime access controls spanning users, models, and data repositories. These will enforce granular policies, ensuring compliance in dynamic environments. By 2026, the Fabric aims to offer comprehensive oversight of AI ecosystems, from inference to deployment.

This phased rollout addresses the maturation of AI threats. As agentic systems—capable of multi-step reasoning and external tool use—proliferate, securing their data pipelines becomes paramount. Thales positions the Fabric as a foundational layer, interoperable with existing security stacks.

Broader Context in Enterprise AI Security

The launch occurs against a backdrop of intensifying AI risks. Prompt injection, for instance, exploits natural language interfaces, evading conventional input validation. Model manipulation via adversarial inputs can skew outputs subtly, undermining trust in AI-driven decisions. Insecure RAG setups risk ingesting poisoned data, amplifying errors or biases.

Enterprises grapple with compliance too. Regulations like the EU AI Act and evolving U.S. guidelines mandate risk assessments for high-stakes AI. Thales’ solution integrates with these by providing audit trails and policy enforcement.

Industry peers are responding similarly. Competitors like Palo Alto Networks and CrowdStrike have rolled out AI runtime protections, focusing on behavioral anomaly detection. Thales differentiates through its emphasis on data-centric security, leveraging CipherTrust for encryption and key orchestration—proven in non-AI contexts.

Market data underscores urgency. The Thales report notes that AI threats cost organizations an average of $4.8 million annually, with detection lags exacerbating damages. Early adopters of runtime security report 40% faster threat response times, per analyst estimates from Gartner.

Implementation Considerations

Deploying the Fabric involves assessing current AI stacks. Organizations start with AI Application Security for LLM-heavy apps, then layer in RAG protections. Integration APIs minimize code changes, supporting frameworks like LangChain or custom agents.

Scalability suits varying loads: from pilot projects to production-scale inference. Pricing ties to usage metrics, though specifics remain undisclosed. Thales offers trials via its dedicated portal, allowing proof-of-concept testing.

Challenges persist. False positives in threat detection could hinder workflows, requiring tuning. Skill gaps in AI security also loom; Thales mitigates this via managed services and documentation.

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability, and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum, and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.
