F5 targets shadow AI risk with new AI security platform and SurePath acquisition

F5 is moving deeper into AI security with the launch of its new AI Security Platform, designed to give security teams more visibility and control over enterprise AI applications, models, agents, and the APIs that connect them. The company also announced its acquisition of SurePath AI, which brings network-based AI discovery, intent classification, and shadow AI detection into the platform.

AI tools are now being used across sanctioned applications, employee workflows, internal systems, and autonomous agents. That creates a visibility problem. Security leaders need to know where AI is running, what data it can access, what actions agents can take, and whether those systems are operating within approved boundaries.

F5 says the platform includes AI governance, AI discovery, AI security testing, runtime protection, and observability. SurePath AI strengthens the discovery side by helping organizations detect AI usage across the network, including unsanctioned tools and agent activity, without requiring direct integrations into every application. That visibility can then feed into testing and guardrails to help reduce risks such as prompt injection, data leakage, and excessive agent autonomy.

AI security is becoming an operational control problem for enterprises. AI agents can authenticate, call tools, access sensitive data, and take action across business systems. That raises the stakes for governance, auditability, and runtime protection, especially in regulated industries or environments with strict data residency requirements. F5 is focusing on the fact that AI security will need to sit close to the application, API, and network layers, where enterprises can continuously see, test, and control how AI is being used.