Proofpoint unveils AI security tools to protect agentic workspaces

Proofpoint has announced four new solutions aimed at securing the agentic workspace, the emerging environment where people, artificial intelligence (AI) agents, and data intersect.

The company's latest developments are focused on managing risks introduced by the growing integration of AI assistants and agents in daily work activities. These new technologies address the protection of AI assistants from targeted threats, control and governance of data, oversight of AI agent actions, and the use of AI agents to streamline security operations for organisations.

Agentic workspace context

With AI assistants increasingly embedded in workplace functions, automating tasks and collaborating alongside human users, the attack surface for organisations is broadening. These AI-powered tools can carry out many activities similar to those of human users, but this capability also makes them susceptible to deception and exploitation. Both people and AI agents are at risk from social engineering, prompt manipulation, and unintended data disclosure.

Sumit Dhawan, Chief Executive Officer at Proofpoint, provided context for the shift:

"The agentic workspace is here and one of the most profound shifts in terms of how work gets done. Protecting the agentic workspace is the next evolution of human-centric security, extending beyond people to safeguard AI agents and the points where they collaborate and share data. Our mission is to ensure our customers can confidently embrace AI, knowing we will protect them and their data against emerging threats."

Four focus areas

The newly announced capabilities are divided into four core areas, each addressing a distinct challenge presented by agentic workspaces:

1. Email exploit detection and prevention
Proofpoint's solution counters threats where malicious prompts are hidden in emails, designed to manipulate AI assistants such as Microsoft Copilot and Google Gemini. These attacks may use prompt injections to damage AI-based defences, provide misleading outputs, or facilitate data theft. Proofpoint's detection technologies, delivered through Proofpoint Prime Threat Protection, block such exploits before they appear in inboxes, giving both users and AI agents a layer of trust in their communication channels.

2. Comprehensive data security and governance
Data protection is increasingly urgent with AI's expansion. Proofpoint Data Security Complete helps organisations locate, classify, control, and monitor sensitive data across environments such as endpoints, email, web, and cloud. The offering applies Autonomous Custom Classifiers for improved, resilient classification with less manual work from humans. It also consolidates data risk mapping, showing data lineage and identifying configuration and access risks, while providing one-click remediation. Integration with other Proofpoint tools covers data security posture management (DSPM), data loss prevention (DLP), insider threat management, and data lineage in one solution.

Proofpoint AI Data Governance focuses on identifying both permitted and unauthorised AI usage, applying policies to avoid data leaks or privacy breaches, and automating governance workflows for content and security teams.

3. Secure Agent Gateway
To address the risk of data handled by AI agents created and run by organisations, Proofpoint has developed the Secure Agent Gateway. Using Model Context Protocol (MCP), the gateway controls AI agent access to data, monitors activities, enforces data use policies, and can block or redact sensitive information before sharing it further. Integrated with Data Security Complete, it provides a unified approach to securing data managed by both people and AI agents.

4. Satori Agents and cross-platform integration
Proofpoint Satori Agents operate within the platform, automating tasks such as handling alerts, recommending security training, and responding to user-reported threats. These tools aim to reduce the burden on security teams by taking over repetitive tasks and turning insights into automated action.

With Satori MCP Access, other agents, including those from security providers CrowdStrike and Microsoft, can connect with Proofpoint's Satori Agents. This facilitates collaboration and automation across multiple platforms, helping teams accelerate their security workflows and improve outcomes. The system's use of Model Context Protocol simplifies integration with other security solutions.

Ryan Kalember, Chief Strategy Officer at Proofpoint, described the broader significance:

"The rise of the agentic workspace is reshaping cybersecurity at its core. By uniting collaboration and data security, we are redefining how organisations secure work in the age of AI. Proofpoint is the first to deliver a solution that enables organisations to find where their data is, understand what it is, and protect what both people and agents do with it, giving them the confidence to innovate, collaborate, and scale safely with AI woven into their most critical workflows."

Rollout and availability

The new capabilities will be introduced to Proofpoint's platform in stages. AI exploit detection for email is set to be available in the last quarter of 2025. Proofpoint Data Security Complete can be accessed starting in the third quarter of 2025, with further enhancements to be released over the following two quarters. Secure Agent Gateway and Satori Agents are expected to begin phased rollout in 2026.