- Disrupts AI-powered, exploit-driven attacks earlier in the attack chain
- Allows security teams to prioritize remediation based on real attacker activity, not severity scores
- Automatically translates exploit intelligence into immediate protection via primary attack paths
SUNNYVALE, California, May 27, 2026 (GLOBE NEWSWIRE) — Proofpoint, Inc.a leading cybersecurity and compliance company, announced today Active protection against exploitsa new solution that enables organizations to defend against increasing exposure to AI-accelerated cyber threats. Based on real-world threats observed through Proofpoint’s telemetry, it identifies vulnerabilities that are actively being exploited in the wild and automatically translates that information to enable immediate protection along the primary attack paths.
Advanced AI models, including frontier systems that can independently discover software vulnerabilities, dramatically increase the speed at which they are discovered and exploited. The patch cycle is no longer the security clockwith time-to-active targeting shrinking from years to a matter of hours or less. In some cases, attacks begin before public tracking frameworks reflect the risk. Traditional patch-based security approaches cannot keep pace with this machine-speed threat environment.
Deep intelligence based on real world exploitation
Proofpoint’s advantage is rooted in dual-source insight into how vulnerabilities are actually exploited – often before they are reflected in public risk frameworks. Proofpoint’s attack telemetry includes hundreds of millions of daily email interactions, augmented by a global network of more than 5,000 sensors, which will have generated more than three million exploit-related alerts in 2026 alone. To date, Proofpoint has identified twelve actively exploited CVEs before 2026, compared to eight currently listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog. Active Exploits Protection leverages this intelligence and translates real-world malicious activity into prioritized remediation and immediate protection.
“The speed at which threats evolve has fundamentally changed the risk equation,” said Sumit Dhawan, CEO of Proofpoint. “It is no longer enough to identify vulnerabilities. Organizations must understand in real-time what attackers are exploiting and immediately reduce their exposure. By combining real-world exploit intelligence with protection through the primary attack paths, we can help defend at the speed at which today’s threats spread.”
From overloading vulnerabilities to clarity about exploitation
Even as the number of vulnerabilities increases and groundbreaking AI accelerates discovery at scale, fewer than 6% of all disclosed vulnerabilities are ever observed to be exploited in real-world attacks. Security teams are drowning in ‘critical’ findings and forced to review thousands of alerts without clear signals about what significantly increases risk. Organizations often find themselves allocating resources based on severity scores rather than the attacker’s actual behavior.
Active Exploits Protection helps organizations move beyond patch speed and toward real-time exposure reduction. Based on observed attacker activity, the solution enables security teams to focus remediation efforts on what materially reduces risk, shorten the window between discovering vulnerabilities and defending against them, and stop exploit-driven threats before they disrupt business operations.
To help organizations implement this approach, Active Exploits Protection delivers four core capabilities:
- Prioritize actively exploited vulnerabilities: Identifies vulnerabilities confirmed to be in the wild based on Proofpoint telemetry at over 3 million organizations and 14,000 enterprises. Prioritization is driven by observed attacker behavior, rather than theoretical severity scores, allowing security teams to focus remediation on what materially reduces risk.
- Enable immediate protection: Exploit information is automatically turned into protection in approximately 35 seconds, with network-wide distribution in less than 18 minutes. This reduces the exposure period for zero-day threats and new weaponized threats to an average of minutes, even if patching has not yet begun. Based on the more than two billion emails analyzed daily, the platform maintains a detection accuracy of 99.999%.
- Faster threat-based decisions: By turning intelligence directly into action, Active Exploits Protection shortens the time between threat identification and protection deployment, provides real-time context for investigations, and allows customers to access and modify attack intelligence through APIs. The solution integrates with existing SOC tools, vulnerability management platforms and automation pipelines.
- Scale with AI-driven workflows: The solution is designed for modern security operations and provides a foundation for AI-driven and automated workflows. By embedding exploit intelligence directly into operational processes, organizations can reduce manual triage and operationalize exposure reduction at scale.
“As AI-enabled threats accelerate vulnerability exploitation, enterprise security teams need a clearer view of what attackers are targeting,” said Vishal Salvi, Global Head of Cognizant’s Cybersecurity Service Line. “Proofpoint’s Active Exploits Protection provides that focus, and Cognizant plans to help our customers implement it through our managed security and threat response services so they can prioritize remediation where it matters most.”
Availability
Proofpoint Active Exploits Protection is available worldwide today and is delivered through integrated platform capabilities and API access.
To learn more about the vulnerability landscape, read our threat blog: https://www.proofpoint.com/us/blog/threat-insight/more-cves-same-playbook-2026-vulnerability-exploitation-wild
For more information about Proofpoint Active Exploits Protection, visit: https://www.proofpoint.com/us/blog/email-and-cloud-threats/future-exploit-defense-starts-first-mile
About Proofpoint, Inc.
Proofpoint, Inc. is a global leader in human and agent-centric cybersecurity, securing the way people, data and AI agents connect across email, cloud and collaboration tools. Proofpoint is a trusted partner to more than 80 of the Fortune 100, more than 10,000 large enterprises, and millions of smaller organizations in stopping threats, preventing data loss, and building resilience for people and AI workflows. Proofpoint’s collaboration and data security platform helps organizations of all sizes protect and empower their people while embracing AI securely and confidently. More information at http://www.proofpoint.com.
Connect to Proofpoint LinkedIn
Proofpoint is a registered trademark or trade name of Proofpoint, Inc. in the US and/or other countries. All other trademarks in this document are the property of their respective owners.
PROOFPOINT MEDIA CONTACT:
Estelle Derouet
Proofpoint, Inc.
[email protected]
