- Disrupts AI-powered exploit-driven attacks earlier in the attack chain
- Enables security teams to prioritize remediation based on real attacker activity—not severity scores
- Automatically translates exploit intelligence into immediate protection across primary attack paths
SUNNYVALE, Calif., May 27, 2026 (GLOBE NEWSWIRE) -- Proofpoint, Inc., a leading cybersecurity and compliance company, today announced Active Exploits Protection, a new solution that empowers organizations to defend against the growing exposure to AI-accelerated cyber threats. Based on real-world threats observed across Proofpoint’s telemetry, it identifies vulnerabilities actively abused in the wild and automatically translates that intelligence to enable immediate protection across the primary attack paths.
Advanced AI models, including frontier systems capable of autonomously discovering software vulnerabilities, are dramatically increasing the speed at which they are discovered and weaponized. The patch cycle is no longer the security clock, with time-to-active targeting collapsing from years to a matter of hours or less. In some cases, attacks begin before public tracking frameworks reflect the risk. Traditional, patch-based security approaches cannot keep pace with this machine-speed threat environment.
Deep Intelligence Grounded in Real-World Exploitation
Proofpoint’s advantage is rooted in dual-source visibility into how vulnerabilities are actually abused—often before they are reflected in public risk frameworks. Proofpoint’s attack telemetry spans hundreds of millions of daily email interactions, complemented by a global network of more than 5,000 sensors, that have generated over three million exploit-related alerts in 2026 alone. Year to date, Proofpoint has identified 12 actively exploited 2026 CVEs compared to eight currently listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog. Active Exploits Protection operationalizes this intelligence, translating real-world malicious activity into prioritized remediation and immediate protection.
“The speed at which threats are evolving has fundamentally changed the risk equation,” said Sumit Dhawan, CEO of Proofpoint. “It’s no longer enough to identify vulnerabilities. Organizations need to understand what attackers are exploiting in real time and reduce their exposure immediately. By combining real-world exploit intelligence with protections across the primary attack paths, we can help defend at the speed today’s threats spread.”
From Vulnerability Overload to Exploitation Clarity
Even as vulnerability volumes surge, with frontier AI accelerating discovery at scale, fewer than 6% of all disclosed vulnerabilities are ever observed being exploited in real-world attacks. Security teams are left drowning in “critical” findings, forced to triage thousands of alerts without clear signals about what materially increases risk. Organizations often find themselves allocating resources based on severity scores rather than actual attacker behavior.
Active Exploits Protection helps organizations move beyond patch velocity toward real-time exposure reduction. Grounded in observed attacker activity, the solution enables security teams to focus remediation on what materially reduces risk, shrink the window between vulnerability discovery and defense, and stop exploit-driven threats before they disrupt the business.
To help organizations operationalize this approach, Active Exploits Protection delivers four core capabilities:
- Prioritize Actively Exploited Vulnerabilities: Identifies vulnerabilities confirmed to be used in the wild based on Proofpoint telemetry across more than 3 million organizations and 14,000 large enterprises. Prioritization is driven by observed attacker behavior, not theoretical severity scoring, enabling security teams to focus remediation on what materially reduces risk.
- Enable Immediate Protection: Exploit intelligence is automatically translated into protection in approximately 35 seconds, with network-wide propagation in under 18 minutes. This reduces the exposure window for zero-day and newly weaponized threats to a median of minutes, even when patching hasn’t started. Across more than two billion emails analyzed daily, the platform maintains 99.999% detection precision.
- Faster, Threat-Informed Decisions: Turning intelligence directly into action, Active Exploits Protection shortens the time between threat identification and protection deployment, provides real-time context for investigations, and enables customers to access and tailor attack intelligence via APIs. The solution integrates with existing SOC tools, vulnerability management platforms, and automation pipelines.
- Scale with AI-Driven Workflows: Designed for modern security operations, the solution provides a foundation for AI-driven and automated workflows. By embedding exploit intelligence directly into operational processes, organizations can reduce manual triage and operationalize exposure reduction at scale.
"With AI-accelerated threats exploiting vulnerabilities faster, enterprise security teams need a sharper view of what attackers are targeting," said Vishal Salvi, Global Head of Cognizant's Cybersecurity Service Line. "Proofpoint's Active Exploits Protection offers that focus, and Cognizant intends to help our clients operationalize it through our managed security and threat response services, so they can prioritize remediation where it matters most."
Availability
Proofpoint Active Exploits Protection is available globally today and delivered via integrated platform capabilities and API access.
To learn more about the vulnerability landscape, read our threat insight blog: https://www.proofpoint.com/us/blog/threat-insight/more-cves-same-playbook-2026-vulnerability-exploitation-wild
For more information about Proofpoint Active Exploits Protection, visit: https://www.proofpoint.com/us/blog/email-and-cloud-threats/future-exploit-defense-starts-first-mile
About Proofpoint, Inc.
Proofpoint, Inc. is a global leader in human- and agent-centric cybersecurity, securing how people, data and AI agents connect across email, cloud and collaboration tools. Proofpoint is a trusted partner to over 80 of the Fortune 100, over 10,000 large enterprises, and millions of smaller organizations in stopping threats, preventing data loss, and building resilience across people and AI workflows. Proofpoint’s collaboration and data security platform helps organizations of all sizes protect and empower their people while embracing AI securely and confidently. Learn more at www.proofpoint.com.
Connect with Proofpoint on LinkedIn
Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.
PROOFPOINT MEDIA CONTACT:
Estelle Derouet
Proofpoint, Inc.
pr@proofpoint.com
