OpenAI Acquires Promptfoo to Bolster Security for AI Agents
Key Facts
- What: OpenAI announced the acquisition of Promptfoo, an AI security startup founded in 2024 that develops tools to test and protect large language models from vulnerabilities.
- When: Announced Monday, March 9, 2026; the deal is expected to close in the coming weeks.
- Integration: Promptfoo’s technology will be integrated into OpenAI Frontier, OpenAI’s enterprise platform for building and managing AI agents.
- Founders and Funding: Founded by Ian Webster and Michael D’Angelo; raised $23 million and valued at $86 million after its July 2025 funding round.
- Usage: Promptfoo’s tools are reportedly used by more than 25% of Fortune 500 companies.
Lead paragraph
OpenAI has acquired Promptfoo, a specialized AI security startup, to strengthen safeguards for its emerging portfolio of autonomous AI agents. The deal, announced Monday, will see Promptfoo’s vulnerability testing and red-teaming technology integrated directly into OpenAI Frontier, the company’s enterprise platform designed for building and deploying AI agents that perform digital tasks. The move underscores growing industry concerns about securing AI systems against adversarial attacks as frontier labs race to make agentic AI safe for business-critical operations.
OpenAI detailed the acquisition in an official blog post, stating that Promptfoo’s platform helps enterprises identify and remediate vulnerabilities in AI systems during development. Once the transaction closes, the technology will enable automated red-teaming of agentic workflows, continuous evaluation for security concerns, and ongoing monitoring for risks and compliance requirements.
The acquisition comes at a pivotal moment in the development of “agentic AI” — autonomous systems capable of performing complex digital tasks with minimal human oversight. While these AI agents promise significant productivity gains, they also create new attack surfaces for bad actors seeking to extract sensitive data, manipulate outcomes, or compromise automated business processes.
Background on Promptfoo
Promptfoo was founded in 2024 by Ian Webster and Michael D’Angelo with a clear mission: provide developers with practical tools to secure AI systems. The company built an open-source interface and library that allows organizations to systematically test large language models for security weaknesses, including prompt injection, data leakage, and adversarial manipulation.
According to OpenAI’s announcement, Promptfoo’s products have gained rapid adoption, now used by more than 25% of Fortune 500 companies. Despite its relatively short history, the startup raised $23 million in funding and reached a valuation of $86 million following its most recent round in July 2025, according to data from PitchBook. OpenAI did not disclose the financial terms of the acquisition.
The startup’s core offering focuses on red-teaming and evaluation frameworks specifically tailored for large language models and the emerging class of AI agents. These tools help developers simulate attacks, identify failure modes, and implement appropriate guardrails before systems are deployed in production environments.
OpenAI Frontier Platform
OpenAI Frontier represents the company’s dedicated enterprise offering for organizations looking to build and manage fleets of AI agents — systems the company sometimes refers to as “AI coworkers.” The platform is designed to give each agent appropriate guardrails and controlled data access while maintaining enterprise-grade security and compliance standards.
The integration of Promptfoo’s technology is expected to significantly enhance Frontier’s security capabilities. Specifically, OpenAI said the combined system will support:
- Automated red-teaming of agentic workflows
- Continuous evaluation for security vulnerabilities
- Real-time monitoring for risks and compliance violations
- Improved traceability and reporting for governance requirements
In its announcement, OpenAI emphasized its commitment to maintaining and expanding Promptfoo’s open-source offerings, suggesting the broader developer community will continue to benefit from the underlying testing libraries even after the acquisition.
Industry Context and Competitive Landscape
The acquisition reflects a broader trend among frontier AI labs to address security and safety concerns as their technology moves deeper into enterprise workflows. Companies are under increasing pressure from customers and regulators to demonstrate that advanced AI can be deployed safely in high-stakes environments.
Similar to how traditional software companies invest heavily in application security testing and penetration testing, AI developers are now building specialized tools for the unique attack vectors presented by large language models and autonomous agents. Promptfoo’s focus on testing during development aligns with the “shift-left” security philosophy that has become standard in modern software engineering.
Other AI companies have also begun investing in safety and security infrastructure. The competitive pressure to prove enterprise readiness has accelerated as organizations evaluate AI platforms for mission-critical applications. OpenAI’s move to acquire a dedicated security startup signals confidence that robust testing frameworks will be a key differentiator in winning enterprise contracts.
Bloomberg and other outlets reported the deal as part of OpenAI’s push to help corporate customers reduce risks associated with deploying AI software. The transaction also comes amid growing regulatory scrutiny around AI governance, risk management, and compliance documentation.
Technical and Operational Implications
For developers using OpenAI’s platforms, the integration promises more seamless security testing capabilities directly within the Frontier environment. Rather than managing separate security tools, enterprises will be able to conduct comprehensive vulnerability assessments as part of their normal development and deployment workflows.
The emphasis on automated red-teaming is particularly significant for AI agents. Unlike traditional applications with relatively static code, agentic systems can exhibit unpredictable behavior depending on the tasks they’re assigned and the data they encounter. Continuous evaluation and monitoring will be essential to maintaining security posture as these systems evolve.
OpenAI also highlighted the importance of oversight and accountability features. Integrated reporting and traceability capabilities will help organizations document testing procedures, track changes over time, and meet growing governance, risk, and compliance expectations for AI deployments.
Impact on Developers, Enterprises, and the Industry
For enterprise customers, the acquisition provides reassurance that OpenAI is prioritizing security as it expands its agent platform. Companies already using Promptfoo’s tools may benefit from deeper integration and continued development under OpenAI’s resources.
Developers working on AI agents will gain access to more sophisticated security testing capabilities without needing to adopt additional third-party platforms. The continued support for open-source components should also benefit smaller organizations and independent researchers who rely on Promptfoo’s libraries.
The deal highlights the increasing convergence between AI development and traditional cybersecurity practices. As AI systems take on more autonomous roles, the security challenges they present will require specialized expertise and tooling — areas where startups like Promptfoo have built early leadership.
What’s Next
OpenAI has not provided a specific timeline for full integration of Promptfoo’s technology into the Frontier platform, though the company indicated the process would begin once the deal officially closes. The company has committed to continuing development of Promptfoo’s open-source projects, suggesting ongoing updates and new features for the broader community.
The acquisition may also signal further moves by OpenAI to build out its enterprise security and compliance offerings. As regulatory frameworks around AI continue to evolve globally, capabilities around testing, monitoring, and documentation are likely to become increasingly important competitive factors.
Industry observers will be watching to see whether other frontier labs pursue similar acquisitions or partnerships to strengthen their own safety and security infrastructure. The competitive dynamics around enterprise AI readiness are expected to intensify throughout 2026.