Zscaler has acquired SPLX, an AI security company. The acquisition strengthens the Zero Trust Exchange with tools for asset discovery, red teaming, and runtime security. It is unknown how much Zscaler paid for SPLX.
SPLX was founded in 2023 and is based in New York. The SPLX acquisition brings multiple components to Zscaler. For example, asset discovery provides an in-depth look at AI applications, examining models, workflows, code repositories, RAG settings, and MCP servers. It doesn’t matter whether these items are in a private or public environment; the SPLX tooling should be able to scan them completely.
In addition, SPLX offers automated AI red teaming with over 5,000 domain-specific attack simulations, including remediation advice. Runtime security tools must block sensitive data exposure and malicious interactions between AI apps, LLMs, agents, and MCP servers. Governance and compliance features also help enforce policy controls.
“Today marks an important step in advancing Zscaler’s role as the trusted partner helping organizations securely adopt AI,” said Jay Chaudhry, CEO, Chairman, and Founder of Zscaler. “AI is creating enormous value, but its full potential can only be realized when it can be secured. By combining SPLX’s technology with the intelligence of the Zscaler Zero Trust Exchange and its native data protection that classifies, governs, and prevents loss of sensitive data across prompts, models, and outputs, Zscaler will secure the entire AI lifecycle on one platform. This will strengthen our industry leadership and give customers the confidence to safely embrace AI.”
AI spending on the rise
Because AI as a new field brings new threats, the two companies argue that securing it must be integrated with existing tooling. Global spending on AI infrastructure is expected to increase by $250 billion this year, according to Zscaler in its announcement of the acquisition. Logically, part of that will be needed to secure AI systems.
Earlier this year, Zscaler acquired Red Canary for more SecOps capabilities and Avalor for data fabric technology. The SPLX deal is therefore one of many that further enriches the Zscaler feature set.
If the features work as described, the addition will eliminate the need for impractical manual work to cover AI security. The real test lies in the speed of product integration and whether red teaming and runtime controls actually reduce risks in production environments. Red Canary will continue to operate as a separate division within Zscaler. SPLX has not specifically mentioned how the company will become part of Zscaler; based on the wording of the SPLX features as extensions of the Zero Trust Exchange platform, we assume that it will merge with Zscaler as a whole.