AI isn’t just changing applications—it’s changing the browser itself. A new wave of agentic browsers, like Perplexity Comet, ChatGPT Atlas, and Dia, are emerging with one goal: turn the browser into an intelligent assistant that can research, reason and automate multi-step workflows for users.
It’s an exciting shift for productivity and creativity, but with it comes a dramatic shift in the enterprise attack surface.
As we saw with the consumer browser, it became the enterprise workspace before it was ever built to secure one. Now agentic browsers, or AI browsers, accelerate that evolution by introducing autonomous activity security teams can’t see or control—leaving organizations without essential protection and more exposed to threats. What’s more, core protections in Chrome and Edge, such as protection against malicious URLs, malware protection, safe browsing and password protections have been removed by many AI browsers.
Prisma Browser Extension working with Prisma Browser gives organizations a way to govern AI browsing while reducing risk exposure.
A New Security Blind Spot Emerges
Most organizations have no visibility into which AI browsers users are installing. However, the problem doesn’t stop there. Shadow AI isn't just about SaaS apps— it now lives inside the browser itself. Endpoint agents and extensions can't consistently monitor what runs in AI sidebar tools, AI-triggered actions on the page, leading to data leaks, prompt injection, and automation abuse. For example, researchers found that ChatGPT Atlas bypassed standard encryption practices, exposing private authentication data which resulted in unauthorized access to user accounts.
On top of that, modifying the Chromium codebase and layering new capabilities can introduce vulnerabilities that other browsers don’t have, unless done with rigorous security engineering. Research conducted by Palo Alto Networks shows that side panels in multiple AI browsers can be hijacked by malicious extensions. In some cases, the researchers were able to escalate privileges, including unauthorized access to a user’s camera and microphone.
In summary, this means agentic browsers can do more than just remove basic protections —they also expand your attack surface and can open the door to entirely new threats your organization hasn’t been exposed to before.
Secure AI-Browsing with Prisma Browser Extension
Put simply, if organizations insist on running agentic browsers, at minimum security leaders need a way to see, understand, and control how these browsers enter and operate within the environment. Prisma Browser Extension gives organizations a way to govern AI browsing while reducing risk.
Prisma Browser Extension brings back the security controls that many AI browsers remove, tracking browser activity in real time and allowing your organization to regain some control. Prisma Browser Extension provides these benefits against agentic or AI browsers:
- Discover & Govern AI Browsers: Detects agentic browsers in use, assesses the level of risk and blocks risky workflows.
- Restore In-Browser Visibility: Expose AI risks before they escalate by gaining visibility into user activity such as navigation, uploads, copy/paste actions and what extensions are in use.
- Protect Against Phishing Attacks: Enhances your ability to mitigate phishing risks with real-time advanced URL filtering and policy-based controls. Users are automatically notified with alerts when they encounter dangerous sites, helping to prevent them from falling victim to social engineering attacks.
- Mitigate Threats: Powerful malware inspection powered by Precision AI blocks malicious files.
- Manage Extensions: View and control which extensions can be installed across all AI browsers, the permissions provided to each extension, and the transfer of sensitive data. Organizations can block malicious or risky extensions based on various criteria, such as risk level.
- Enhance Forensic Capabilities: Collect detailed user activity logs and security events, providing valuable insights for forensic investigations and compliance audits. These events give SOC teams in-browser visibility they don’t have today, enabling organizations to analyze incidents, identify risky behavior patterns, and respond to security threats more effectively.
And when AI browsers try to access enterprise applications, Prisma Browser Extension doesn’t just block — it redirects users seamlessly to Prisma Browser, ensuring sensitive work happens in a secure, policy-enforced environment, with the advanced security controls of Prisma Browser. At the same time, it educates users with real-time in-browser prompts that warn them of risky activity before they proceed.
Prisma Browser: The Secure Control Point
When an application is opened in Prisma Browser, it automatically inherits the browser's security features:
- A secure modern workspace to protect work on any device, including anti-tampering controls, account takeover preventions, device posture checks and policy enforcement.
- Enterprise-grade data loss prevention (DLP) with 10x fewer false positives than traditional tools and identity controls that help prevent data leakage and strengthen access security
Prisma Browser and its extension work together to provide a robust combination of productivity and security that requires minimal user training or adaptation. You can roll out the extension to any AI browser in minutes, requiring no end-user involvement.
This hybrid approach allows users to explore AI tools freely if necessary, while ensuring business-critical access and data remain securely isolated within a protected browser environment, safe from the inherent security risks associated with agentic browsers. With Prisma Browser and Prisma Browser Extension, you can govern AI-browsing, reduce risk, and protect data in sensitive enterprise applications.
Register for Ignite: What’s Next to learn more about the latest advancements to Prisma Browser and more.