IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom
Proofpoint launches AI-era exploit protection tool
Network Security Cloud Security SOCs

Proofpoint launches AI-era exploit protection tool

Thu, 28th May 2026 (Today)
Mark Tarre
MARK TARRE News Chief

Proofpoint has launched Active Exploits Protection, a product aimed at helping organisations respond to cyber attacks linked to advances in artificial intelligence.

The tool is designed to identify software vulnerabilities being exploited in live attacks and turn that intelligence into defensive measures across what Proofpoint describes as primary attack paths. The company is positioning the launch around a shift in the threat landscape, where attackers can move from vulnerability discovery to exploitation much faster than in the past.

According to Proofpoint, that change is being driven by advanced AI models that can autonomously find and weaponise software flaws. In that environment, patching cycles alone are no longer sufficient because exploitation can begin within hours, and in some cases before public risk-tracking systems reflect the threat.

Threat signals

Proofpoint said its assessment is based on telemetry from hundreds of millions of daily email interactions and a global network of more than 5,000 sensors. Those systems have generated more than three million exploit-related alerts this year, it said.

The company also said it had identified 12 actively exploited 2026 CVEs so far this year, compared with eight listed in the US Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalogue at the same point. The comparison is intended to show that exploit activity can emerge before broader public frameworks catch up.

Proofpoint argues that security teams are often overwhelmed by the number of vulnerabilities flagged as critical, even though only a small share are ever used in real-world attacks. It cited a figure of fewer than 6% of disclosed vulnerabilities being observed in exploitation, leaving defenders to sift through large numbers of alerts without clear guidance on which flaws are most urgent.

Active Exploits Protection is intended to shift that process from severity-based patching to remediation based on attacker activity. Proofpoint said the product identifies vulnerabilities seen in use in the wild across telemetry covering more than three million organisations and 14,000 large enterprises.

Response time

Proofpoint said exploit intelligence can be translated into protection in about 35 seconds, with network-wide propagation in under 18 minutes. It said that can reduce exposure to zero-day and newly weaponised threats to a median of minutes, even before patching begins.

The system also works with existing security operations centre tools, vulnerability management products and automation pipelines through integrated platform functions and application programming interfaces. Proofpoint described it as suitable for AI-driven and automated workflows intended to reduce manual triage.

Across more than two billion emails analysed each day, the platform maintains 99.999% detection precision, according to Proofpoint. The figure forms part of the company's case that telemetry from email and related attack channels can provide an early view of how threat actors are behaving.

Sumit Dhawan, Chief Executive Officer of Proofpoint, said the company sees a change in how defenders need to assess risk as AI speeds up the pace of attacks.

"The speed at which threats are evolving has fundamentally changed the risk equation. It's no longer enough to identify vulnerabilities. Organisations need to understand what attackers are exploiting in real time and reduce their exposure immediately. By combining real-world exploit intelligence with protections across the primary attack paths, we can help defend at the speed today's threats spread," said Dhawan.

The launch also drew support from Cognizant, which said it plans to use the offering in its managed security and threat response work for clients.

"With AI-accelerated threats exploiting vulnerabilities faster, enterprise security teams need a sharper view of what attackers are targeting. Proofpoint's Active Exploits Protection offers that focus, and Cognizant intends to help our clients operationalise it through our managed security and threat response services, so they can prioritise remediation where it matters most," said Salvi.

Proofpoint said the product is available globally through its platform and via API access.

Image: Sumit Dhawan, Proofpoint
Related stories
Infoblox completes Axur buy to boost digital risk protection
Infoblox completes Axur takeover to boost threat defence
Anthropic AI's Mythos triggers warnings over cyber risk
Zscaler to buy Symmetry Systems in AI security push
AI adoption outpaces cloud security, Check Point warns
Top stories
Magellanic Cloud reports stronger FY26 revenue & profit
AWS launches agentic shopping assistant for retailers
SenSen & Turnstone partner on curb data for cities
ClickHouse launches AI agents as ARR tops USD $250m
Google Cloud launches AI Threat Defence against attacks