Akamai adds AI tools to speed Zero Trust segmentation
Akamai has added new artificial intelligence features to Guardicore Segmentation, targeting organisations that use Zero Trust security models.
The update addresses a persistent challenge for security teams after an initial intrusion: stopping attackers from moving across internal networks. The new functions are designed to help teams create and enforce segmentation policies with less manual work and contain breaches more quickly.
Guardicore Segmentation limits communication between workloads, applications and systems inside a company's environment. Segmentation has become a core part of many cyber defence programmes because it can restrict the spread of ransomware and other intrusions after an attacker gains access.
The latest additions use AI to identify, analyse and interpret application behaviour, then automatically generate enforceable policies. Organisations can test those policies in simulation before turning them on, reducing the risk of disrupting legitimate traffic.
Key additions
One new function is continuous discovery, which gives security teams real-time visibility into application activity and network relationships. This is intended to provide a current view of the environment rather than rely on a one-off mapping exercise.
Another addition is AI designed to understand applications. In practice, the software analyses application behaviour, suggests segmentation rules, explains those rules and checks their likely impact before enforcement.
Akamai has also introduced what it calls proof-driven enforcement, designed to help customers tighten controls after testing and validation. The aim is to reduce the attack surface while making it easier to extend Zero Trust practices without increasing staff numbers.
Continuous risk containment is another part of the update. This feature links exposure-aware detection with segmentation enforcement, allowing insights generated by the software to be turned directly into policy actions that reduce the blast radius of an attack.
The release also includes delegated workflows for application owners through an App Owner Portal. This is designed to involve application teams more directly in reviews and approvals, reducing delays when security teams implement segmentation in large organisations.
Market context
The announcement comes as companies face growing pressure to defend mixed technology estates spanning on-premise systems, public cloud, containers and newer AI workloads. In these environments, the challenge is often not identifying an initial threat but understanding how systems are connected and where an attacker could move next.
Security vendors have increasingly positioned segmentation as a practical layer within Zero Trust strategies, particularly for businesses that need to meet audit, compliance and data sovereignty requirements. For many organisations, however, segmentation projects remain difficult because they require detailed knowledge of application dependencies and risk interrupting critical systems if policies are too strict.
According to Akamai, the latest product work was informed by an analysis of more than 500 segmentation projects, which the company used to identify operational bottlenecks and factors linked to successful roll-outs.
"We analysed more than 500 segmentation projects to pinpoint common bottlenecks and identify what drives success across technology, processes, and human behaviour," said Ofer Wolf, Senior Vice President and General Manager of Enterprise Security at Akamai.
He said those findings helped shape the update and pointed to the role Akamai sees for automation in segmentation programmes.
"Those insights guided the development of these enhancements to Akamai Guardicore Segmentation that apply AI-powered segmentation throughout the entire risk containment lifecycle - from continuous discovery and intelligent insight to runtime assurance, exposure analysis, and rapid response," Wolf said.
Guardicore Segmentation is aimed at organisations running hybrid IT, cloud, Kubernetes and AI workloads that want to reduce lateral movement and the impact of breaches while meeting compliance and sovereignty requirements.