Cybersecurity and compliance company Proofpoint recently announced four innovations to secure AI-enabled workspaces.
Protecting AI assistants, ensuring controls, and governing AI agents among top use cases
These new capabilities address the foundational risks of the agentic workspace by solving four key challenges, including: protecting AI assistants from targeted attacks, ensuring proper controls prevent data loss by people and agents, governing the actions of GenAI and AI agents, and utilizing AI agents to automate collaboration and data security for security professionals.
“The agentic workspace is here and one of the most profound shifts in terms of how work gets done,” said Sumit Dhawan, CEO of Proofpoint. “Protecting the agentic workspace is the next evolution of human-centric security, extending beyond people to safeguard AI agents and the points where they collaborate and share data. Our mission is to ensure our customers can confidently embrace AI, knowing we will protect them and their data against emerging threats.”
The innovations announced by Proofpoint to enhance the security of the agent workspace will serve as a force multiplier for organizations.
“We’ve been busy because threat actors have been busy. What you see out here is just the advanced threats that have changed in the last 12 months, and you can see in the last eight months alone, the threat actors have been busy and a number of advanced threats have quadrupled,” said Dhawan at Proofpoint Protect 2025 in Nashville, Tennessee. “That’s not changing anytime soon. The trend is going to continue. But you should be pleased to know that the technology you rely on today– our platform has continued to not just stay on track with this evolution, but stay ahead of it.”
Detecting and preventing AI exploits over email
New technologies from Proofpoint, delivered through the Proofpoint Prime Threat Protection solution, block exploits by attackers – such as embedding malicious prompts in emails to manipulate AI assistants like Microsoft Copilot and Google Gemini – before they reach inboxes, ensuring people and AI agents can trust every interaction.
Proofpoint Data Security Complete & Proofpoint AI Data Governance
These innovations provide unified data security protection along with AI data governance. Proofpoint Data Security Complete enables organizations to locate sensitive data, classify it accurately, control access to it, and monitor how people interact with it across all channels, including endpoints, email, the web, and the cloud.
“With visibility into what data is fueling AI models, businesses can align adoption with compliance requirements while preventing careless or malicious exposures,” wrote Brian Gleeson, Proofpoint’s senior product marketing manager, in a blog post. “Proofpoint empowers organizations to embrace AI with confidence, maximizing innovation without sacrificing security.”
Proofpoint Data Security Complete enables organizations to embrace the agentic workspace by:
- Preventing exfiltration and loss through the blocking of misdirected, accidental, or malicious data movement across email, cloud, web, and endpoints.
- Detecting insider threats early by correlating user content and context, dynamically adjusting controls, and accelerating investigations with irrefutable evidence.
- Securing data at rest by discovering and classifying sensitive data in cloud and hybrid environments, followed by risk remediation with one-click controls.
- Enabling safe AI innovation ensures the acceptable use of generative AI and secures sensitive data from unintended exposure.
The new data security product offers discovery and classification through Autonomous Custom Classifiers, providing accurate, dynamic, and resilient data classification with minimal human input. It also creates a consolidated data risk map and provides one-click remediations, while delivering deep integration of DSPM, DLP, insider threat management, and data lineage into a single solution.
Discovery of sanctioned and unsanctioned AI uses strengthens governance plans
Additionally, Proofpoint AI Data Governance enables the discovery of both sanctioned and unsanctioned AI usage, applies prebuilt policies to prevent exfiltration and privacy violations, and governs access through automated workflows for security teams and content owners.
“We’re solving some of the toughest data security challenges around with our new Data Risk Map and AI Data Governance solution,” said Erin Leonard, the senior director of technical sales, at Proofpoint Protect 2025. “You’re able to have control over sanctioned tools like Copilot and ChatGPT, see who’s using these tools, and if there’s any overexposed data being leveraged by them– as well as visibility and control over any unsanctioned AI tools as well.”
Proofpoint Secure Agent Gateway
This solution secures information handled by AI and is built using Model Context Protocol (MCP), which controls how AI agents access data, monitors agent activity, enforces policies for data usage, and blocks or redacts sensitive data before it’s shared with humans or other agents.
This solution works with Proofpoint Data Security Complete to secure data across both people and agents.
“Proofpoint’s solution supports all MCP-compliant agents, whether those are commercial offerings or custom agents developed in-house,” wrote Katie Curtin Mestre, Vice President of Product Marketing, Proofpoint, in a blog post. “This ensures universal compatibility across your whole agentic AI ecosystem. Leading software companies, including Microsoft (with Copilot Studio), OpenAI (with ChatGPT and Agents SDK), Google (with Google Cloud databases and security operations tools), Amazon Web Services (with the Lambda and Bedrock services), and Salesforce (with Agentforce) are already deploying MCP-compliant agents in enterprise environments.”
Proofpoint Satori Agents and Proofpoint Satori Agent-to-Agent Access
This innovation operates within Proofpoint solutions, performing tasks such as handling data loss prevention alerts, automating phishing simulations, and resolving user-reported email threats for enterprises using the Proofpoint platform.
Proofpoint Satori Agents enable users who manage Proofpoint solutions to streamline and scale security operations, eliminate time-consuming repetitive tasks, reduce alert fatigue, and turn data insight into automatic action. Proofpoint Satori Agent-to-Agent Access enables other agents, such as CrowdStrike’s Charlotte AI and Microsoft Copilot, to invoke Proofpoint Satori Agents, facilitating collaboration across platforms, accelerating security operations, automating repetitive tasks, and driving improved security outcomes.
Proofpoint Satori Agent-to-Agent Access utilizes Model Context Protocol (MCP), enabling employees without coding expertise to use a prompt-based low-code/no-code approach to integrate Proofpoint with other security solutions easily.
The Proofpoint Satori Agents include:
- Proofpoint Satori DLP Triage Agent: This agent triages data loss prevention (DLP) alerts. It eliminates repetitive tasks, false positives, and missed alerts, allowing defenders to reclaim capacity to handle complex cases.
- Proofpoint Satori Phishing Simulation Agent: An agent that automatically creates, deploys, and reports on attack-informed simulation campaigns to strengthen the security awareness program.
- Proofpoint Satori Abuse Mailbox Agent: This automates manual reviews and remediation of user-reported suspicious emails. It resolves thousands of “Needs Manual Review” (NMR) cases in seconds, freeing analysts’ time for value-add projects.
“The rise of the agentic workspace is reshaping cybersecurity at its core,” said Ryan Kalember, chief strategy officer at Proofpoint. “By uniting collaboration and data security, we are redefining how organizations secure work in the age of AI. Proofpoint is the first to deliver a solution that enables organizations to find where their data is, understand what it is, and protect what both people and agents do with it, giving them the confidence to innovate, collaborate, and scale safely with AI woven into their most critical workflows.”
Availability slated between now and next year
These new Proofpoint capabilities will be rolled out over the coming months, with AI exploit detection for email expected to arrive in Q4 2025.
Proofpoint Data Security Complete will be available in Q3 2025, with new features to the solution added over the next two quarters. Proofpoint Secure Agent Gateway and Proofpoint Satori Agents will enter phased availability beginning in 2026.
Prior to these announcements, Proofpoint introduced an agentic AI-based compliance offering to effectively detect, understand, and mitigate conduct and compliance risks in real-time. Read more about the new AI solution for Human Communications Intelligence (HCI).
