Threat Vector – "Securing the AI Frontier"

Date: November 13, 2025
Host: David Moulton (Senior Director, Thought Leadership, Unit 42)
Guest: Mira Rajiva (Chief Information Officer, Palo Alto Networks)

Episode Overview

This episode features a deep-dive conversation with Palo Alto Networks CIO Mira Rajiva on the transformative impact of AI—particularly generative AI—on enterprises, internal workflows, developer productivity, and the evolving challenges to cybersecurity. Mira shares real-world lessons from Palo Alto’s own experience with internal AI agents, details how AI-driven processes are changing key IT and business functions, and warns about the new threat vectors and blind spots created as AI adoption accelerates.

Key Discussion Points & Insights

1. AI as a Business and Security Transformer

Velocity, Efficiency, and Experience: Mira charts how AI, and specifically generative AI, have “redefined” speed, efficiency, and the user experience across business functions (02:01).
- "With AI, you can really gain velocity. That’s number one." (02:04)
- "AI is totally transforming the experience. Especially with generative AI, user experience is getting redefined. People are now more having a dialogue... AI is becoming their thought partner." (02:48)
The Democratization of AI: The leap from traditional embedded AI (ML/DL) to ubiquitous, user-facing generative AI is giving every employee access to powerful tools.
- "With generative AI, it has actually pushed AI in the front... Every employee in Palo Alto has their agent, which is the Panda AI." (03:22)

2. Internal AI Adoption & "Panda AI"

Employee Experience Revolution: Palo Alto’s internal agent, Panda AI, has enabled a vast leap in efficiency and self-service, automating 72% of requests compared to 12% pre-AI—all in under a year (04:20).
- "Over less than a year we have gone from 12 to 72%. It's not all AI, it's a combination of AI changing the user experience, people getting comfortable to go to Panda as the first place..." (04:48)
Let Me “Panda That” For You: The company culture has shifted so much that “Let me Panda that for you” has replaced “Let me Google that for you” internally (05:10).
Three Buckets of Request Automation:
- Information retrieval (“how-to” questions): 19.5% now fully automated.
- Deterministic service requests (provisioning, resets): 89% automated.
- Complex/break-fix issues: Still require human involvement, but AI is streamlining information collection and learning from feedback (07:40).
  - "Bad code cannot be fixed by AI. If you have a quality issue, it's going to show up. You have to go and fix the defect." (08:55)

3. Redefining User Experience

Instant, Contextual, and Continuous: AI agents are providing instant responses, retaining conversation history, and capturing feedback after failed resolutions, thus turning every interaction into a learning opportunity (09:55).
- "With AI now, I'm able to gather all the information even when it is not able to solve upfront and also not asking the same thing again and again... It gives me the history." (10:18)
- "Panda ... takes that input and it's becoming a learning experience, a continuous learning experience." (11:56)

4. Generative AI in Developer Productivity & the SDLC

Shift from Coding to Problem Specification: Coding is only 30% of engineering time; the big productivity wins lie in requirements capture and design. AI is being leveraged in every phase:
- Capturing requirements from real conversations and generating product requirements documents (PRDs) automatically (13:01).
- Generating mockups, user stories, and test plans from documentation and feedback, accelerating many phases of the software lifecycle.
- Coding assistants (like Cursor) sharply accelerate greenfield development (up to 80% efficiency gain) but offer less boost in brownfield/legacy code (15:30).
  - "In greenfield I was able to get 70 to 80, 85% efficiency. But in brownfield we were not able to get good efficiency. So what we have done is we have reimagined the process..." (16:12)
Collapsing Job Boundaries: Product managers, analysts, developers, and QA must all be "AI enabled and AI savvy," as AI blurs traditional role boundaries (18:25).
Documentation Automation: AI-generated documentation ensures product docs remain current as the product evolves (20:43).

5. AI-Driven Security Challenges

Visibility is Foundational: Blindness to enterprise AI usage is the first (and biggest) risk. Discovering “shadow AI” use is crucial.
- "Your first and foremost is get immediate visibility into the use of AI in the company." (22:07)
Model Security is New Frontier: Protecting proprietary models (including small language models/SLMs hosted internally) against poisoning and permissions errors is vital.
- "For AI, your data and your model are the brain combined together... if I poison either one of them, AI can go haywire." (23:01)
Prompt Security as Software Supply Chain: Prompts themselves are now a critical part of the application stack, requiring runtime protection analogous to code supply chain security.
Open-Source Model Caution: There's widespread risk in trusting community or open models with unknown provenance, introducing vulnerabilities into products and workflows.
- "Yeah, it's open source. When was open source secure." (26:16)

Notable Quotes & Memorable Moments

"Innovation with AI at its core is our most powerful weapon." — Mira Rajiva (01:11)
"Let me Panda that for you" (05:10), reflecting AI’s deep integration into everyday work.
"Bad code cannot be fixed by AI. If you have a quality issue, it's going to show up. You have to go and fix the defect." — Mira Rajiva (08:55)
"Coding is only 30% of their time... If you kind of focus all your effort on the AI writing code for you, you're only solving a small portion." — Mira Rajiva (13:25)
"Security is much easy if you integrate from the get go as a design principle rather than trying to use it like a seasoning at the end of preparation of that food, it is not going to taste well." — Mira Rajiva (27:55)
"AI is a tectonic shift and it's not a hype, it's here to stay." — Mira Rajiva (27:25)

Timestamps for Key Segments

[02:01] – The business and UX transformation potential of generative AI
[03:22] – How generative AI changed enterprise strategy; intro to Panda AI
[04:20] – Panda AI results: 12% to 72% automation in under a year
[05:33] – Breakdown of support tickets and automation strategy
[09:55] – User experience: From telephone tag to continuous learning
[13:01] – Redefining developer productivity, AI-driven SDLC
[15:30] – Efficiency differences in greenfield vs. brownfield coding
[21:48] – Security challenges, need for visibility in enterprise AI use
[23:01] – Model and data poisoning as new threat vectors
[26:16] – Risks of open-source and third-party models
[27:25] – Mira’s parting advice on AI’s impact and integrating security 'by design'

Takeaways for Security Leaders

AI integration is not hype—it’s a generational shift already reshaping business and security.
User-facing generative AI demands new perspectives in security, visibility, and workflow automation.
Effective AI adoption requires rethinking human roles and up-skilling teams for “AI-native” workflows.
Security must be baked in from the start, not sprinkled on top.
Vigilance over model sourcing, access, and runtime operation is increasingly critical as the model and the prompt inherit the risk surface once reserved for traditional software.

For further information and to hear more on real-world innovation and securing the AI frontier, listen to the full episode or reach out to Palo Alto Networks Threat Vector team.

Threat Vector – "Securing the AI Frontier"

Date: November 13, 2025
Host: David Moulton (Senior Director, Thought Leadership, Unit 42)
Guest: Mira Rajiva (Chief Information Officer, Palo Alto Networks)

Episode Overview

Key Discussion Points & Insights

1. AI as a Business and Security Transformer

Velocity, Efficiency, and Experience: Mira charts how AI, and specifically generative AI, have “redefined” speed, efficiency, and the user experience across business functions (02:01).
- "With AI, you can really gain velocity. That’s number one." (02:04)
- "AI is totally transforming the experience. Especially with generative AI, user experience is getting redefined. People are now more having a dialogue... AI is becoming their thought partner." (02:48)
The Democratization of AI: The leap from traditional embedded AI (ML/DL) to ubiquitous, user-facing generative AI is giving every employee access to powerful tools.
- "With generative AI, it has actually pushed AI in the front... Every employee in Palo Alto has their agent, which is the Panda AI." (03:22)

2. Internal AI Adoption & "Panda AI"

Employee Experience Revolution: Palo Alto’s internal agent, Panda AI, has enabled a vast leap in efficiency and self-service, automating 72% of requests compared to 12% pre-AI—all in under a year (04:20).
- "Over less than a year we have gone from 12 to 72%. It's not all AI, it's a combination of AI changing the user experience, people getting comfortable to go to Panda as the first place..." (04:48)
Let Me “Panda That” For You: The company culture has shifted so much that “Let me Panda that for you” has replaced “Let me Google that for you” internally (05:10).
Three Buckets of Request Automation:
- Information retrieval (“how-to” questions): 19.5% now fully automated.
- Deterministic service requests (provisioning, resets): 89% automated.
- Complex/break-fix issues: Still require human involvement, but AI is streamlining information collection and learning from feedback (07:40).
  - "Bad code cannot be fixed by AI. If you have a quality issue, it's going to show up. You have to go and fix the defect." (08:55)

3. Redefining User Experience

Instant, Contextual, and Continuous: AI agents are providing instant responses, retaining conversation history, and capturing feedback after failed resolutions, thus turning every interaction into a learning opportunity (09:55).
- "With AI now, I'm able to gather all the information even when it is not able to solve upfront and also not asking the same thing again and again... It gives me the history." (10:18)
- "Panda ... takes that input and it's becoming a learning experience, a continuous learning experience." (11:56)

4. Generative AI in Developer Productivity & the SDLC

Shift from Coding to Problem Specification: Coding is only 30% of engineering time; the big productivity wins lie in requirements capture and design. AI is being leveraged in every phase:
- Capturing requirements from real conversations and generating product requirements documents (PRDs) automatically (13:01).
- Generating mockups, user stories, and test plans from documentation and feedback, accelerating many phases of the software lifecycle.
- Coding assistants (like Cursor) sharply accelerate greenfield development (up to 80% efficiency gain) but offer less boost in brownfield/legacy code (15:30).
  - "In greenfield I was able to get 70 to 80, 85% efficiency. But in brownfield we were not able to get good efficiency. So what we have done is we have reimagined the process..." (16:12)
Collapsing Job Boundaries: Product managers, analysts, developers, and QA must all be "AI enabled and AI savvy," as AI blurs traditional role boundaries (18:25).
Documentation Automation: AI-generated documentation ensures product docs remain current as the product evolves (20:43).

5. AI-Driven Security Challenges

Visibility is Foundational: Blindness to enterprise AI usage is the first (and biggest) risk. Discovering “shadow AI” use is crucial.
- "Your first and foremost is get immediate visibility into the use of AI in the company." (22:07)
Model Security is New Frontier: Protecting proprietary models (including small language models/SLMs hosted internally) against poisoning and permissions errors is vital.
- "For AI, your data and your model are the brain combined together... if I poison either one of them, AI can go haywire." (23:01)
Prompt Security as Software Supply Chain: Prompts themselves are now a critical part of the application stack, requiring runtime protection analogous to code supply chain security.
Open-Source Model Caution: There's widespread risk in trusting community or open models with unknown provenance, introducing vulnerabilities into products and workflows.
- "Yeah, it's open source. When was open source secure." (26:16)

Notable Quotes & Memorable Moments

"Innovation with AI at its core is our most powerful weapon." — Mira Rajiva (01:11)
"Let me Panda that for you" (05:10), reflecting AI’s deep integration into everyday work.
"Bad code cannot be fixed by AI. If you have a quality issue, it's going to show up. You have to go and fix the defect." — Mira Rajiva (08:55)
"Coding is only 30% of their time... If you kind of focus all your effort on the AI writing code for you, you're only solving a small portion." — Mira Rajiva (13:25)
"Security is much easy if you integrate from the get go as a design principle rather than trying to use it like a seasoning at the end of preparation of that food, it is not going to taste well." — Mira Rajiva (27:55)
"AI is a tectonic shift and it's not a hype, it's here to stay." — Mira Rajiva (27:25)

Timestamps for Key Segments

[02:01] – The business and UX transformation potential of generative AI
[03:22] – How generative AI changed enterprise strategy; intro to Panda AI
[04:20] – Panda AI results: 12% to 72% automation in under a year
[05:33] – Breakdown of support tickets and automation strategy
[09:55] – User experience: From telephone tag to continuous learning
[13:01] – Redefining developer productivity, AI-driven SDLC
[15:30] – Efficiency differences in greenfield vs. brownfield coding
[21:48] – Security challenges, need for visibility in enterprise AI use
[23:01] – Model and data poisoning as new threat vectors
[26:16] – Risks of open-source and third-party models
[27:25] – Mira’s parting advice on AI’s impact and integrating security 'by design'

Takeaways for Security Leaders

AI integration is not hype—it’s a generational shift already reshaping business and security.
User-facing generative AI demands new perspectives in security, visibility, and workflow automation.
Effective AI adoption requires rethinking human roles and up-skilling teams for “AI-native” workflows.
Security must be baked in from the start, not sprinkled on top.
Vigilance over model sourcing, access, and runtime operation is increasingly critical as the model and the prompt inherit the risk surface once reserved for traditional software.

For further information and to hear more on real-world innovation and securing the AI frontier, listen to the full episode or reach out to Palo Alto Networks Threat Vector team.

wavePod

Securing the AI Frontier

Powered by Wave AI

Summary

Threat Vector – "Securing the AI Frontier"

Episode Overview

Key Discussion Points & Insights

1. AI as a Business and Security Transformer

2. Internal AI Adoption & "Panda AI"

3. Redefining User Experience

4. Generative AI in Developer Productivity & the SDLC

5. AI-Driven Security Challenges

Notable Quotes & Memorable Moments

Timestamps for Key Segments

Takeaways for Security Leaders

Summary

Threat Vector – "Securing the AI Frontier"

Episode Overview

Key Discussion Points & Insights

1. AI as a Business and Security Transformer

2. Internal AI Adoption & "Panda AI"

3. Redefining User Experience

4. Generative AI in Developer Productivity & the SDLC

5. AI-Driven Security Challenges

Notable Quotes & Memorable Moments

Timestamps for Key Segments

Takeaways for Security Leaders