Advertisement Proofpoint announced Thursday it has acquired Acuvity, an AI security startup, as the cybersecurity company moves to address security risks stemming from widespread corporate adoption of agentic AI. The acquisition strengthens Proofpoint ‘s capabilities in monitoring and securing AI-powered systems that are increasingly handling sensitive business functions across enterprises. Financial terms of the deal were not disclosed, but Ryan Kalember, Proofpoint’s chief strategy officer, told CyberScoop that the acquisition was beyond a pure “technology acquisition,” with Acuvity’s engineering team slated to join the California-based company. Acuvity specializes in visibility and governance for AI applications, including the ability to track how employees and automated systems interact with external AI services and protect custom AI models developed within organizations. The startup’s platform monitors AI usage across multiple deployments, from web browsers to specialized infrastructure including Model Context Protocol (MCP) servers and locally installed AI tools. Advertisement The deal reflects growing concern among enterprises about security gaps created as organizations deploy agentic AI across departments, like software development, customer support, finance, and legal operations. These systems increasingly access sensitive data and execute tasks previously handled exclusively by humans. Additionally, AI-specific attack vectors such as prompt injection and model manipulation have emerged as potential threats that traditional cybersecurity tools were not designed to address. Kalember said CISOs are seeing the potential risk combined with agentic AI growth, and are sensing the need to maintain governance without impeding innovation, particularly as the pace of AI adoption has outstripped many companies’ ability to secure these systems effectively. “It has definitely been a pivot from, ‘I got to be able to stop prompt injection’ to ‘I have to be able to figure out what the AI is even doing,’” he told CyberScoop. Last May, Proofpoint acquired Hornetsecurity Group, a Germany-based provider of Microsoft 365 security services, in a deal reportedly valued at more than $1 billion. Kalember told CyberScoop he sees Acuvity helping small- and medium-sized organizations that leverage Hornetsecurity’s offerings to boost its AI security. Advertisement “That is going to be a world in which, independent of the size of the organization, they are going to very much leverage AI, and some of that will be built into the tools like M365 that is tightly coupled with the Hornetsecurity architecture,” Kalember said. The acquisition follows a theme within the industry where larger security companies are buying AI-focused security startups . Just last week, data security firm Varonis acquired AI security firm AllTrue.ai for $150 million. More Scoops (Getty Images) CrowdStrike at the 2020 RSA Conference in San Francisco. (Greg Otto / Scoop News Group) Open AI CEO Sam Altman speaks during Snowflake Summit 2025 at Moscone Center on June 02, 2025 in San Francisco, California.(Photo by Justin Sullivan/Getty Images) Latest Podcasts What happens if CISA 2015 lapses? No exceptions: How Amazon killed the password and unified security What leaders can learn from the WEF’s Cybersecurity Outlook Opportunistic by Default: How OT gets pulled into the blast radius Government CISA to host industry feedback sessions on cyber incident reporting regulation Acting CISA chief says DHS funding lapse would limit, halt some agency work GOP Congress moves to shape election law in Trump’s image After major Poland energy grid cyberattack, CISA issues warning to U.S. audience Technology DHS privacy probe will focus on biometric tracking by ICE, OBIM WhatsApp releases account feature that looks to combat spyware CISA publishes a post-quantum shopping list for agencies. Security professionals aren’t sold Predator spyware demonstrates troubleshooting, researcher-dodging capabilities Threats 0APT ransomware group rises swiftly with bluster, along with genuine threat of attack Microsoft Patch Tuesday matches last year’s zero-day high with six actively exploited vulnerabilities Fallout from latest Ivanti zero-days spreads to nearly 100 victims Alleged 764 member arrested, charged with CSAM possession in New York Policy CISA tells agencies to stop using unsupported edge devices What’s next for DHS’s forthcoming replacement critical infrastructure protection panel, AI information sharing Sean Cairncross' cybersecurity agenda: less regulation, more cooperation US wants to push its view of AI cybersecurity standards to the rest of the world