Proofpoint acquires Acuvity to extend AI security and governance across the agentic workspace

Proofpoint has acquired Acuvity, a specialist in enterprise AI security and governance, in a move aimed at addressing the growing security and compliance risks emerging from agentic, AI-driven workplaces. The acquisition strengthens Proofpoint’s platform with AI-native visibility, governance and runtime protection for both human- and agent-led workflows.

As generative AI becomes embedded across everyday enterprise functions—from software development and customer service to finance and legal—organisations are increasingly relying on AI copilots, autonomous agents and model-connected applications to execute business-critical tasks. While this shift is driving productivity gains, it is also introducing new categories of risk, including shadow AI usage, sensitive data leakage, intellectual property exposure, regulatory non-compliance and AI-specific attack techniques such as prompt injection and model manipulation.

By bringing Acuvity into its portfolio, Proofpoint is expanding its human-centric security approach to cover what it describes as the “agentic workspace”—environments where people and AI agents work together, accessing data, making decisions and executing actions in real time. Acuvity’s technology adds AI-native controls designed to give enterprises clearer visibility into how AI tools are being used, alongside governance and enforcement capabilities that help ensure innovation does not undermine security or trust.

Ryan Kalember, Chief Strategy Officer at Proofpoint, said the rise of AI agents as active participants in enterprise workflows requires a fundamentally different security model. He noted that effective protection now depends on understanding human intent, agent behaviour and risk signals simultaneously. According to Kalember, the combined Proofpoint–Acuvity platform enables organisations to adopt AI tools with the level of governance and control required to manage risk, positioning Proofpoint as a unified platform securing people, data and AI together.

Acuvity adds new detection models and control points built specifically for AI-centric environments. Its platform provides visibility and enforcement across a wide range of AI usage scenarios, from endpoints and web browsers to emerging AI infrastructure such as Model Context Protocol (MCP) servers and locally deployed AI tools. These capabilities are designed to help organisations govern how employees and systems interact with external AI services, while also protecting internally developed or deployed AI models and applications.

With the integration of Acuvity, Proofpoint is positioning itself as the first cybersecurity platform to offer comprehensive protection across all dimensions of the agentic workspace. The combined offering spans collaboration security to protect users from human-targeted threats, data security and governance to ensure sensitive information is accessed only by authorised people and AI systems, and AI security controls to govern enterprise AI usage end to end.

Satyam Sinha, co-founder and CEO of Acuvity, said enterprises are struggling to keep pace with the speed of AI adoption and the complexity of securing it. He argued that as intelligence increasingly resides in interactions, decisions and autonomous agents, security must evolve to govern how AI systems think, act and learn in real time.

The acquisition reflects a broader shift in enterprise security priorities, as organisations look to balance rapid AI-driven innovation with the need for consistent governance, compliance and trust in increasingly autonomous digital workplaces.