In the span of 24 hours this week, two incumbent software companies each paid to own a different layer of the enterprise AI agent stack — and together, the purchases sketch what that stack now looks like. On Thursday, May 28, Asana completed its acquisition of StackAI, a no-code AI workflow platform, for approximately $75 million. The following morning, Palo Alto Networks closed its purchase of Portkey, an AI gateway company, for an estimated $120 million to $140 million — roughly double what Portkey was valued at just three months earlier, according to a report by Economic Times cited by Cybersecurity Magazine. Neither company disclosed official financial terms.
Considered separately, each deal could be read as a routine tuck-in acquisition by a company looking to accelerate its roadmap. Considered together, they map two adjacent layers of an enterprise agent architecture that has begun to take shape over the past year: an execution layer, where agents read from and act inside the systems where business actually runs, and a control layer, where enterprises see, route, and govern what those agents do.
That distinction matters for enterprise technology buyers. Most organizations deploying AI agents in 2026 have discovered that the hard problem is not getting an agent to generate output — it is getting an agent to execute reliably inside Salesforce, Oracle, or a legacy enterprise resource planning system without unauthorized data access, runaway costs, or behavior a compliance team cannot audit. Asana's acquisition addresses the first half of that problem. Palo Alto's addresses the second.
What Asana Bought: Cross-System Execution Without Code
Asana has spent the past two years positioning itself as what CEO Dan Rogers calls "the operating system for human-agent teams." That framing had a specific vulnerability: Asana's agents could plan and track work, but could not execute tasks end-to-end inside the enterprise systems where business actually runs. StackAI, founded by MIT PhDs Tony Rosinol and Bernard Aceituno through Y Combinator's Winter 2023 cohort, was built to close exactly that gap.
The platform lets non-developers design, test, deploy, and govern agents that read from and write to enterprise resource planning, customer relationship management, and IT service management systems — among them Salesforce, Oracle, AWS, DocuSign, Slack, and Google Workspace. A compliance team, for instance, can build an agent that pulls contracts from a document store, checks them against customer relationship management policy rules, and routes flagged items to a Slack channel for review — without writing a line of code. StackAI's customer base concentrates in financial services, healthcare, and professional services, industries where governance and audit requirements have raised the bar for any agent platform.
The company had raised just under $20 million in total before the acquisition, most of it in a Series A of $16 million backed by Gradient, Epakon Capital, Lobby VC, LifeX Ventures, and Vercel CEO Guillermo Rauch. StackAI will continue to operate as a standalone brand inside Asana; Rosinol and Aceituno joined the company with the deal.
Asana's decision to buy rather than build was also a competitive calculation with a compressed timeline. The company has lost more than half its market capitalization since the introduction of ChatGPT. Rogers, who replaced founder Dustin Moskovitz as CEO in March 2025, is betting that acquiring a cross-system execution layer — rather than building one against Microsoft 365 Copilot's agent stack and Salesforce's Agentforce — buys Asana enough runway to make the "operating system" framing credible before those alternatives make it irrelevant.
What Palo Alto Bought: Governance for Agents Acting as Privileged Insiders
Portkey's product addresses a different problem at a different layer. The company built what it calls an AI Gateway: a routing, observability, and policy layer that sits between enterprise applications and AI model application programming interfaces. According to Palo Alto's own announcement, Portkey's architecture processes trillions of tokens per month — a company claim not independently audited — with the low latency required for agent-to-agent communication.
The security case for such a product rests on what happens when agents fail or are compromised. OWASP's Agentic Applications Top 10, published in December 2025, identified goal hijacking via prompt injection, tool misuse, identity abuse, and supply chain compromise as the primary risk vectors specific to autonomous agents — distinct from the vulnerabilities that governed earlier AI applications. A 2026 survey by Vorlon of 500 US security leaders found that one in three enterprises experienced a confirmed or suspected security incident involving AI agents in 2025. IBM's 2025 Cost of a Data Breach Report found that 97% of organizations reporting an AI-related breach lacked proper AI access controls.
Palo Alto's framing of the problem is precise: once an agent can execute code, call application programming interfaces, and initiate financial processes without human oversight, it is no longer a chatbot — it is a privileged insider whose behavior can no longer be governed by the perimeter and identity controls that protected user-driven applications. The AI Gateway, once integrated into Palo Alto's Prisma AIRS platform, will deliver four capabilities the cybersecurity company had not previously offered as a unified service: visibility into agent traffic, runtime threat detection against agent-specific attack patterns, automated routing of requests to the most appropriate model, and controls on runaway token costs.
Portkey CEO Rohit Agarwal described scaling AI in production as requiring "a delicate balance between total flexibility for developers and absolute control for security teams." That balance — not previously achievable with existing security tooling built for human users — is precisely what the EU AI Act's enforcement obligations, which take effect August 2, 2026, will begin to formalize as a legal requirement for high-risk AI deployments.
How Enterprise AI Agent Acquisitions Fit Into a Broader Stack
The Asana and Palo Alto deals did not occur in isolation. In March 2026, Google completed its $32 billion acquisition of Wiz, the largest AI-era security consolidation to date. F5 acquired CalypsoAI in January 2026. CrowdStrike acquired Pangea and Cato Networks acquired Aim Security in September 2025. AlixPartners predicted in December 2025 that M&A deal volume in enterprise software would surge 30 to 40% year-over-year in 2026, driven by AI consolidation pressure.
The pattern those deals collectively suggest is that enterprise agent spending is now flowing toward the infrastructure surrounding agents — execution, gateway, observability, and control — rather than only toward agent products themselves. Eric Hanselman, Chief Analyst at 451 Research and S&P Global, has noted that companies able to capture the agentic AI advantage early will have a significant competitive edge, but that success depends on having the right data foundation and governance in place — precisely the capabilities Asana and Palo Alto are now buying.
The competitive context is dense. Microsoft is rolling out Agent 365 and Copilot Studio as a combined identity, governance, and execution layer. Salesforce has positioned Agentforce — with reported annual recurring revenue of $800 million — at the center of its product strategy. ServiceNow restructured its entire commercial model around autonomous AI tiers. Zendesk acquired Forethought in its largest deal in two decades. IBM completed its acquisition of Confluent in March 2026 to supply real-time data to enterprise agents. The Asana and Palo Alto deals are small against any hyperscaler budget. At $75 million, Asana's bet is a rounding error compared with what Microsoft spends in a week. The question is whether the execution layer and the security gateway are distinct enough from what Microsoft and Salesforce offer that they survive as independent software categories — or whether they get absorbed into the broader platforms by year-end.
What AI Agent Security Gateway Capabilities Still Look Like in Practice
There are real limits to the framing. The two layers Asana and Palo Alto just bought represent only a portion of the enterprise agent stack. The orchestration logic that coordinates multiple agents across multiple departments — what analysts have begun calling an agentic mesh — remains contested between Microsoft's Copilot Studio, Salesforce's Agentforce, IBM's watsonx Orchestrate, and a tier of independent vendors including LangGraph and LiteLLM. The standards governing zero-trust agent identity, audit log formats, and the contractual allocation of liability when an agent acts incorrectly have not yet been finalized by any named standards body.
An AI Weekly analyst note flagged that Asana's $75 million bet assumes human-agent orchestration remains a distinct software layer for at least the next 12 to 24 months — rather than being absorbed into Microsoft 365 Copilot or Salesforce Agentforce. That is the central risk in the thesis. No-code agent-building platforms like StackAI are themselves vulnerable to commoditization by the same hyperscalers whose application programming interfaces they integrate with.
For enterprise software buyers, the practical reading is narrower. The two layers most directly necessary for production AI agent deployment — getting agents to execute across core systems and keeping that execution governed and auditable — now have measurable price tags attached. The remaining contested layer — who coordinates agents across departments, and what standards will govern their identity and liability — does not yet. What gets bought first tends to shape what gets built next.
Frequently Asked Questions
What did Asana pay for StackAI, and what does it get?
Asana paid approximately $75 million for StackAI, a no-code AI workflow platform that lets enterprise teams build and deploy agents that execute tasks across systems such as Salesforce, Oracle, AWS, and Google Workspace without writing code. The acquisition gives Asana the cross-system execution layer its existing agent products lacked, with StackAI continuing to operate as a standalone brand inside the company.
What is an AI security gateway, and why did Palo Alto Networks acquire Portkey?
An AI security gateway is a routing, observability, and policy layer that sits between enterprise applications and AI model application programming interfaces, monitoring what agents do, routing requests to the appropriate model, and enforcing controls on data access and token costs. Palo Alto Networks acquired Portkey to integrate this capability into its Prisma AIRS platform, addressing the specific risks that arise when autonomous agents operate with the access privileges of a human insider rather than a constrained application.
How does the enterprise AI agent stack relate to Microsoft and Salesforce competition?
Microsoft and Salesforce are building competing execution and governance layers through Copilot Studio and Agentforce respectively, making the 12-to-24-month window before those platforms consolidate the critical period for Asana and Palo Alto to establish their positions in the stack.
What enterprise AI agent acquisitions closed in May 2026?
Asana completed its acquisition of StackAI on May 28, 2026, and Palo Alto Networks completed its acquisition of Portkey on May 29 — two deals at adjacent layers of the enterprise agent infrastructure stack that closed within 24 hours of each other.
ⓒ 2026 TECHTIMES.com All rights reserved. Do not reproduce without permission.
