AI Is Creating a New Security Budget Inside Enterprises

Zscaler’s latest quarter suggests enterprises are starting to treat LLM governance and agent security as separate spending categories rather than extensions of traditional cybersecurity budgets.

The cloud security company reported $850.5 million in Q3 fiscal 2026 revenue, up 25% year over year, while annual recurring revenue (ARR) rose to $3.525 billion. The company also reported more than $100 million in annual bookings tied to its AI Protect offering over the last 12 months.

The demand is tied less to conventional endpoint protection and more to controlling how employees and autonomous software systems interact with large language models (LLMs), corporate applications, and sensitive company data.

Zscaler executives said customers are increasingly adding AI governance capabilities onto broader platform agreements, particularly through the company’s Z-Flex platform. The platform generated $480 million in total contract value during the quarter, up 60% sequentially.

Companies deploying internal AI systems are creating new security requirements around model access, runtime inspection, and non-human identities.

Enterprise AI Deployment Is Creating New Security Exposure

Traditional enterprise security systems were largely built around human users, managed devices, and network traffic. Autonomous software systems can retrieve sensitive data, connect to internal tools, and interact with applications without direct employee involvement, creating risks around unauthorized actions, prompt injection, and uncontrolled data exposure.

Those systems also require credentials and permissions to interact with corporate applications, increasing the number of non-human identities companies must secure.

Palo Alto Networks has expanded its Prisma AIRS platform around runtime security and agent governance. The company says the platform inspects AI models, prompts, responses, and autonomous agent behavior during live operation.

The company has increasingly focused on securing how AI systems use internal tools, retrieve data, and execute actions inside corporate environments.

The security concerns extend beyond external threats. Companies are also trying to control how employees use public AI systems and how internal AI agents interact with sensitive company information.

Cybersecurity Vendors Are Rebuilding Around AI Agents

Security vendors are adding safeguards for AI agents that can execute tasks, connect to applications, and make workflow decisions without direct employee involvement.

CrowdStrike has positioned Charlotte AI as part of what it calls an “agentic SOC,” where autonomous systems automate portions of security operations and incident response workflows.

In October, CrowdStrike launched its Charlotte AI AgentWorks ecosystem alongside partners including OpenAI, Anthropic, AWS, NVIDIA, Salesforce, and Accenture. The initiative focuses on building and governing AI agents operating inside corporate systems.

Vendors that historically focused on endpoints and network traffic are now building products that track how AI systems use credentials, retrieve data, and interact with internal software.

Newer platforms are designed to log which systems AI agents connect to, what actions they execute, and whether they expose sensitive company information.

Identity and authorization products are becoming more important as companies deploy larger numbers of AI agents across internal workflows.

AI Governance Is Becoming a New Enterprise Security Expense

Zscaler’s quarter showed how AI governance products are beginning to function as premium expansion software layered onto broader security platform agreements.

The company reported a record non-GAAP operating margin of 23% during the quarter while earnings per share reached $1.08, ahead of analyst estimates.

The company also said AI-related demand contributed to larger platform agreements and long-term recurring subscription growth.

At the same time, AI infrastructure demand is increasing operating costs across the sector.

Zscaler CFO Kevin Rubin said rising semiconductor, processor, and memory pricing tied to global AI demand pushed the company to accelerate infrastructure investments originally planned for fiscal 2027 into the current fiscal year. The company lowered its full-year free cash flow margin guidance as a result of higher capital expenditures.

Companies deploying internal AI systems are purchasing dedicated products for model access management, agent permissions, runtime inspection, and data exposure prevention alongside existing endpoint, identity, and cloud security tools.