Thales Launches Security Fabric Platform for Enterprise AI

Thales has released its AI Security Fabric, a security platform designed to address threats specific to agentic AI and large language model applications.

The platform focuses on runtime security, monitoring AI applications as they operate rather than relying solely on pre-deployment scanning. According to the 2025 Thales Data Threat Report, 73% of organisations are investing in AI-specific security tools as adoption accelerates across business functions.

McKinsey research shows 78% of organisations now use AI in at least one business function, up from 55% two years ago. This rapid expansion has created new attack surfaces that conventional security architectures struggle to address.

Thales AI Security Fabric addresses prompt injection and model manipulation

The first release includes two separate products. AI Application Security sits alongside LLM-powered applications and monitors for prompt injection attacks, jailbreaking attempts, system prompt leakage, model denial-of-service attacks, sensitive information leakage and content moderation failures, working across cloud, on-premises and hybrid deployments.

AI Retrieval-Augmented Generation Security scans enterprise data before it gets fed into retrieval-augmented applications. It applies encryption and key management to structured and unstructured data, then secures the communication channel between LLMs and external data sources.

The second product, AI Retrieval-Augmented Generation Security, scans enterprise data before it gets fed into retrieval-augmented applications. It applies encryption and key management to structured and unstructured data, then secures the communication channel between LLMs and external data sources.

Both products focus on the OWASP Top 10 for LLM applications, a list of vulnerabilities that security researchers have documented in production AI systems. Prompt injection sits at the top of that list, where attackers craft inputs that override a model’s instructions, forcing it to ignore safety guidelines or leak information it shouldn't access.

“As AI reshapes business operations, organisations require security solutions tailored to the specific risks posed by Agentic AI and Gen AI applications,” says Sebastien Cano, Senior Vice President of Thales’ Cyber Security Products Business. “Thales AI Security Fabric offers enterprises specialised tools to secure AI applications while minimising operational complexity.”

Thales plans 2026 expansion with Model Context Protocol gateway

Thales plans to expand the platform in 2026 with three additions: data leakage prevention, a Model Context Protocol security gateway and end-to-end runtime access control.

Anthropic developed the Model Context Protocol as a standard for connecting AI systems to external tools and data sources. Agentic AI systems use MCP to access databases, execute code and pull information from APIs. A security gateway would monitor those connections, blocking requests that try to access restricted data or perform unauthorised actions.

Runtime access control moves security checks from the development phase into production. Instead of scanning code once before deployment, the system watches every interaction between users, models and data sources. That matters because AI systems can behave in ways their developers didn't predict, particularly when users find edge cases or feed them unusual inputs.

Trial versions of some tools are available now through the Thales AI Security Fabric website. The company employs more than 83,000 people in 68 countries, working across defence, aerospace, and cyber security.

Thales addresses insecure RAG pipelines in enterprise AI deployments

Retrieval-augmented generation has become a common pattern in enterprise AI deployments, allowing models to access current information without retraining. However, RAG architectures introduce security challenges. Data retrieved from enterprise systems may contain sensitive information that models could leak through their outputs.

Thales' RAG security capability scans data before ingestion, applying encryption and access controls to limit exposure. The system aims to prevent scenarios where confidential data flows into model contexts and subsequently appears in responses to unauthorised users.

“Supported by decades of security expertise, Thales enables businesses to confidently scale their AI adoption, safeguarding sensitive data, applications and user interactions,” Sebastien says.