OpenAI Acquires Promptfoo to Bolster Enterprise AI Security

San Francisco, CA – March 10, 2026 – In a significant move to strengthen the security and reliability of enterprise-grade artificial intelligence, OpenAI today announced its acquisition of Promptfoo, a leading AI security platform. This strategic acquisition is set to integrate Promptfoo’s advanced testing and evaluation capabilities directly into OpenAI Frontier, the company's dedicated platform for building and operating AI coworkers. The acquisition, pending customary closing conditions, marks a pivotal step in addressing the escalating need for robust AI security as organizations increasingly deploy sophisticated AI agents into real-world business workflows.

As AI systems, particularly agentic AI, become more autonomous and deeply embedded in critical operations, the challenges of evaluation, security, and compliance have amplified. Enterprises require systematic methodologies to thoroughly test agent behavior, identify potential risks before deployment, and maintain comprehensive records for ongoing oversight, governance, and accountability. Promptfoo, recognized for its powerful suite of tools trusted by over 25 percent of Fortune 500 companies, offers exactly these capabilities, along with a widely adopted open-source command-line interface (CLI) and library for evaluating and red-teaming Large Language Model (LLM) applications.

Integrating Advanced AI Security Testing into OpenAI Frontier

The core objective of this acquisition is to seamlessly embed Promptfoo's sophisticated security features into OpenAI Frontier. OpenAI Frontier is designed to empower businesses to develop and manage AI coworkers efficiently, and this integration will significantly enhance its foundational security posture. Srinivas Narayanan, CTO of B2B Applications at OpenAI, emphasized the strategic importance: “Promptfoo brings deep engineering expertise in evaluating, securing, and testing AI systems at enterprise scale. Their work helps businesses deploy secure and reliable AI applications, and we’re excited to bring these capabilities directly into Frontier.”

The integration will focus on several critical areas, transforming how enterprises approach AI development and deployment:

Key Enhancements from Promptfoo Integration

Feature Area	Description	Benefit for Enterprises
Native Security & Safety Testing	Automated security testing and red-teaming capabilities built directly into the Frontier platform.	Proactively identifies and remediates risks like prompt injections, jailbreaks, data leaks, and tool misuse before deployment.
Integrated Development Workflows	Deep integration of security and evaluation tools within the AI development lifecycle.	Enables earlier detection, investigation, and remediation of agent risks, making security a core part of development.
Enhanced Oversight & Accountability	Integrated reporting and traceability features for comprehensive documentation and monitoring of AI systems.	Supports robust governance, risk, and compliance (GRC) requirements, providing clear audit trails and transparency.
Open-Source Continuity	Continued development and maintenance of Promptfoo's open-source CLI and library.	Fosters community innovation and provides accessible tools for LLM evaluation and red-teaming, benefiting a wider developer base.

This comprehensive approach ensures that security is not an afterthought but an intrinsic part of the AI development and operation process within the Frontier ecosystem.

Promptfoo's Proven Expertise: A Foundation for Secure AI

The team behind Promptfoo, led by co-founders Ian Webster and Michael D’Angelo, has established a reputation for delivering practical and effective solutions for AI security. Their open-source contributions have been instrumental in fostering a community-driven approach to evaluating LLM behavior, while their enterprise offerings have garnered trust among a quarter of the Fortune 500.

Ian Webster articulated the driving force behind Promptfoo and the excitement for this new chapter: “We started Promptfoo because developers needed a practical way to secure AI systems. As AI agents become more connected to real data and systems, securing and validating them is more challenging and important than ever. Joining OpenAI lets us accelerate this work, bringing stronger security, safety, and governance capabilities to the teams building real-world AI systems.” This sentiment underscores the shared vision of both companies to advance secure and reliable AI.

Addressing Critical AI Risks: From Prompt Injections to Data Leaks

The integration will directly tackle some of the most pressing security concerns in AI today. Automated security testing and red-teaming capabilities will become a native part of OpenAI Frontier, enabling enterprises to proactively identify and mitigate a spectrum of vulnerabilities, including:

Prompt Injections: Malicious inputs designed to manipulate an AI's behavior or output. Understanding best practices for prompt engineering with the OpenAI API is crucial here, and Promptfoo's tools will automate the detection of such vulnerabilities.
Jailbreaks: Techniques used to bypass an AI's inherent safety mechanisms and ethical guidelines.
Data Leaks: Unauthorized disclosure or access to sensitive information processed by AI agents. Maintaining robust enterprise privacy becomes even more critical with agentic AI.
Tool Misuse: Ensuring AI agents interact with external tools and systems only in intended and secure ways.
Out-of-Policy Agent Behaviors: Detecting when an AI agent deviates from established operational guidelines or ethical boundaries.

By embedding these capabilities directly into development workflows, enterprises can identify, investigate, and remediate agent risks much earlier, fostering a "security by design" paradigm for AI systems.

Enhancing AI Governance and Accountability for Enterprises

The proliferation of AI agents in business environments necessitates rigorous governance, risk, and compliance (GRC) frameworks. The enhanced OpenAI Frontier platform will significantly bolster an organization's ability to meet these demands. Integrated reporting and traceability features will be paramount, helping organizations to:

Document Testing: Maintain clear and auditable records of all security testing and evaluation activities.
Monitor Changes: Track how AI system behaviors evolve over time and assess the impact of updates or modifications on security posture.
Meet Compliance Expectations: Satisfy growing regulatory requirements for AI transparency, safety, and ethical deployment across various industries.

This focus on comprehensive oversight and accountability will empower enterprises to deploy AI coworkers with greater confidence, knowing they can demonstrate adherence to internal policies and external regulations.

The Future of Secure Agentic AI Development

The acquisition of Promptfoo by OpenAI represents a powerful commitment to advancing the frontier of secure and reliable AI. By combining OpenAI’s leading-edge AI models and platform capabilities with Promptfoo’s specialized expertise in AI security testing, the industry is poised for a new era of enterprise AI adoption where safety and trust are built in from the ground up.

As the closing of the acquisition proceeds, the collective effort of both teams promises to deliver a platform that not only enables groundbreaking AI applications but also ensures they operate with the highest standards of security, ethics, and accountability. This strategic union will accelerate the journey toward a future where AI coworkers can be seamlessly and safely integrated into every aspect of enterprise operations.

Original source

https://openai.com/index/openai-to-acquire-promptfoo/

Frequently Asked Questions

What is Promptfoo, and what problem does it solve for AI development?

Promptfoo is an advanced AI security platform specializing in identifying and remediating vulnerabilities within AI systems during their development lifecycle. It provides a comprehensive suite of tools, including a widely used open-source CLI and library, for evaluating and red-teaming Large Language Model (LLM) applications. The platform directly addresses the critical challenge of ensuring AI safety, security, and compliance as enterprises increasingly deploy sophisticated AI agents and coworkers into real-world workflows. By enabling systematic testing of agent behavior, detection of risks pre-deployment, and maintenance of clear audit trails, Promptfoo helps businesses build and operate secure, reliable, and accountable AI solutions, mitigating potential issues like prompt injections, jailbreaks, and data leaks before they impact operations.

Why is OpenAI acquiring Promptfoo, and what is the strategic significance?

OpenAI's acquisition of Promptfoo is a strategic move to significantly accelerate its agentic security testing and evaluation capabilities, particularly within its OpenAI Frontier platform. The acquisition underscores OpenAI's commitment to enabling safe and secure deployment of enterprise-grade AI. As AI coworkers become more integrated into critical business processes, the need for robust security, evaluation, and compliance frameworks becomes paramount. By bringing Promptfoo's proven expertise and tools in-house, OpenAI aims to provide enterprises with native, comprehensive solutions for identifying and remediating AI risks such as prompt injections, jailbreaks, and data leaks. This integration is crucial for fostering trust, ensuring governance, and meeting regulatory demands for AI deployments at scale.

What is OpenAI Frontier, and how does Promptfoo enhance its capabilities?

OpenAI Frontier is OpenAI's dedicated platform designed for enterprises to build, deploy, and operate AI coworkers effectively and securely within their existing ecosystems. It serves as the operational backbone for integrating advanced AI into real-world business workflows. With the acquisition of Promptfoo, Frontier will gain significantly enhanced, native capabilities in AI security testing, evaluation, and governance. Promptfoo's technology will integrate automated security testing and red-teaming directly into the Frontier platform, empowering enterprises to proactively identify and remediate critical risks like prompt injections, jailbreaks, and out-of-policy agent behaviors. This strategic addition transforms Frontier into an even more robust and trustworthy platform for developing and managing secure, compliant, and accountable AI solutions at scale.

How will Promptfoo's technology be integrated into OpenAI Frontier for enterprises?

Promptfoo's technology will be deeply integrated into OpenAI Frontier, becoming a native and foundational component for enterprise AI development and operations. This integration will manifest in several key ways: automated security testing and red-teaming capabilities will be built directly into the platform, allowing for continuous identification and remediation of risks such as prompt injections, jailbreaks, and data leaks. Furthermore, these security and evaluation tools will be seamlessly woven into enterprise development workflows, enabling the identification and remediation of agent risks earlier in the lifecycle. Finally, integrated reporting and traceability features will be enhanced, providing comprehensive documentation of testing, monitoring of changes, and support for robust AI governance, risk, and compliance requirements.

What specific AI security risks will the integrated OpenAI Frontier platform address?

The integrated OpenAI Frontier platform, powered by Promptfoo's technology, will directly address a range of critical AI security risks that are increasingly relevant for enterprise deployments. These include prompt injections, where malicious inputs manipulate an AI's behavior; jailbreaks, which bypass safety mechanisms; data leaks, preventing unauthorized access or exposure of sensitive information; tool misuse, ensuring AI agents only interact with approved tools as intended; and out-of-policy agent behaviors, guaranteeing that AI actions align with organizational guidelines and ethical standards. By automating the detection and remediation of these vulnerabilities, the platform aims to significantly enhance the safety, reliability, and trustworthiness of AI coworkers operating within enterprise environments.

Will the open-source Promptfoo project continue after the acquisition?

Yes, the open-source Promptfoo project, which includes its widely used CLI and library for evaluating and red-teaming LLM applications, will indeed continue to be supported and developed even after the acquisition by OpenAI. Both OpenAI and the Promptfoo team, led by co-founder Ian Webster, have committed to continuing to build on the open-source project. This commitment ensures that the broader developer community will still benefit from Promptfoo's innovative tools, while its integrated enterprise capabilities will be further advanced within OpenAI's Frontier platform. This dual approach allows for both community-driven innovation and enterprise-focused security solutions.

What are the primary benefits for enterprises using the enhanced OpenAI Frontier platform?

Enterprises utilizing the enhanced OpenAI Frontier platform will gain significant advantages in deploying and managing AI coworkers. Key benefits include dramatically improved security posture through automated testing and red-teaming, proactively identifying vulnerabilities like prompt injections and data leaks before deployment. The deep integration of security into development workflows will enable earlier risk detection and remediation, making security an inherent part of AI system development. Furthermore, comprehensive oversight and accountability features, including integrated reporting and traceability, will help organizations meet stringent governance, risk and compliance (GRC) requirements. This ensures secure, reliable, and compliant AI deployments, fostering trust and enabling responsible scaling of AI within complex organizational structures.

Stay Updated

Get the latest AI news delivered to your inbox.