Thales AI Security Fabric and the Talent Behind Safe AI Adoption
Thales unveiled AI Security Fabric, a platform built to watch how AI-based applications behave while they are running and to close the security gaps that have emerged with the adoption of agents, language models, and RAG flows. More than another defensive toolkit, the company describes it as a layer that plugs directly into what already runs in the cloud or on internal infrastructure and acts the moment a model interacts with users and data. According to Thales, it is the first solution focused on protecting LLM-driven applications and agentic architectures without forcing full system redesigns.
The push behind this proposal responds to a landscape where AI deployments are growing quickly while incidents multiply in ways that are hard to address with traditional defenses. Common problems include attempts to manipulate instructions, jailbreak techniques that extract system prompts, leaks of sensitive data, and abuse patterns that overwhelm model capacity. In RAG flows, additional risks appear around handling internal or external documents that might introduce confidential information or skew the context the model relies on. The security fabric Thales proposes aims to contain this set of threats by monitoring every interaction and acting before a situation escalates.
The platform launches with two major functional blocks. First, AI Application Security, a layer that adds real-time visibility and protection against attacks specific to applications that depend on language models. Its design adapts to on-premises, cloud, or hybrid architectures without demanding rewrites. Second, RAG Security, a component meant to identify and safeguard sensitive information before it enters retrieval processes, with encryption, key management, and protection for the channels that connect models to data sources. The idea is to cover both the immediate surface of the applications and the data flow that feeds their answers.
Are you looking for developers?
Thales also stresses that the proposal draws on frameworks that prioritize the most critical risks in AI-based applications. The company wants to reduce the complexity faced by teams that already manage identities, networks, and compliance, and it proposes a model that not only blocks threats but also generates metrics and policies that are easy to audit. For regulated sectors, this traceability is especially relevant, since organizations today are asked to show how automated decisions are controlled.
The roadmap does not end here. The company says that during 2026 it will add new runtime capabilities, such as more advanced mechanisms to prevent data leaks, a security gateway compatible with Model Context Protocol, and unified controls to authorize and audit every interaction between users, models, and repositories. If these features materialize, the fabric would move from protecting specific applications to a transversal layer that coordinates policies across ecosystems where agents, connected flows, and data in motion coexist.
The launch comes at a moment when security teams no longer ask whether to protect AI, but how to do it without slowing the business. Autonomous models, shifting data sources, and direct exposure to end users create an unpredictable surface that is not resolved with pre-execution analysis or static scans. That is why there is interest in solutions that run alongside the application, take context-aware decisions, and can block unusual actions or prevent sensitive information from leaving the perimeter by accident.
Are you looking for developers?
For many organizations, the practical challenge is to implement these layers without compromising continuous delivery. The key is security that does not require overhauling the entire system, policies defined once and applied across all flows, and compliance evidence ready when needed. Thales wants to position itself in that middle ground, with a solution that governs the exchange between users, models, and data, and that evolves as enterprise use of agents and connected flows advances.
In parallel to those technical needs, an equally important challenge appears: having the talent to turn these tools into real outcomes. This is where firms like Square Codex are adding value. Based in Costa Rica, the company operates under a staff augmentation model that integrates software, data, and AI engineers into existing structures at North American companies. Its contribution lies in translating complex concepts into sustainable operations, wiring RAG flows with encryption and access controls, supervising integrations across clouds, and establishing metrics that distinguish failures inherent to the model from design or architecture issues. This kind of support accelerates the adoption of platforms such as AI Security Fabric and prevents security from becoming a brake on innovation.
Are you looking for developers?
Thales’s stance reflects a clear trend: runtime security will be essential for any company that depends on advanced models. If organizations can combine dynamic controls, data governance, and constant learning from incidents, they will move forward with greater confidence in a scenario where AI is already central to critical processes.
In parallel to those technical needs, an equally important challenge appears: having the talent to turn these tools into real outcomes. This is where firms like Square Codex are adding value. Based in Costa Rica, the company operates under a staff augmentation model that integrates software, data, and AI engineers into existing structures at North American companies. Its contribution lies in translating complex concepts into sustainable operations, wiring RAG flows with encryption and access controls, supervising integrations across clouds, and establishing metrics that distinguish failures inherent to the model from design or architecture issues. This kind of support accelerates the adoption of platforms such as AI Security Fabric and prevents security from becoming a brake on innovation.