OpenAI Acquires Leading AI Red-Teaming Tool Used by Fortune 500
▼ Summary
– OpenAI has acquired Promptfoo, a company specializing in AI application security, and will integrate its technology into its new enterprise agent platform, Frontier.
– Promptfoo was created to address the lack of existing security testing tools for AI applications, which traditional scanners could not handle, focusing on risks like prompt injection and data leakage.
– The acquisition is strategic for OpenAI as Frontier gives AI agents high-level access to enterprise systems, significantly expanding the potential attack surface that needs securing.
– Promptfoo had raised approximately $23.4 million in funding and had a significant user base of over 125,000 developers and more than 30 Fortune 500 companies prior to the acquisition.
– The deal reflects a growing commercial focus on AI security, with OpenAI pledging to keep Promptfoo’s core project open source while integrating it into its commercial platform.
OpenAI has made a significant strategic move into the AI application security arena with its acquisition of Promptfoo, a leading red-teaming platform. This technology will be integrated into OpenAI Frontier, the company’s recently launched enterprise agent platform, directly enhancing its security testing and evaluation capabilities for major corporate clients.
The story of Promptfoo began with a practical problem faced by its co-founder, Ian Webster. While leading the LLM engineering team at Discord, he realized the existing security toolset was inadequate for the unique challenges posed by AI applications. Traditional scanners couldn’t understand prompt injection, and static analysis was useless against a model making unauthorized promises. Convinced a proper testing framework was missing, Webster built the initial solution as an open-source project during his spare time. That project evolved into the company OpenAI has now purchased.
While the financial terms remain confidential, OpenAI has stated that the acquisition will fortify agentic security testing within the Frontier platform. The company has also pledged that Promptfoo will remain open source under its current licence, with ongoing support for its existing user base. Prior to the acquisition, Promptfoo had secured approximately $23.4 million in venture funding from investors like Andreessen Horowitz and Insight Partners, attracting notable angel backers including Shopify’s CEO and Discord’s CTO.
The platform’s commercial traction was substantial, boasting over 125,000 developers using its open-source framework and more than 30 Fortune 500 companies employing its enterprise product. Its customer base spans high-risk sectors like finance, retail, and telecom, where the consequences of AI failure are severe. The tool operates as an automated adversary, using specialized models and agents to simulate user interactions and malicious attacks directly through a client’s AI application interface. It systematically tests for risks like prompt injection, data leaks, and jailbreaks, but also targets what Webster terms “application-level” failures, instances where an AI system overpromises, inadvertently reveals sensitive data, or exhibits inappropriate behavior.
This focus on application-level security is precisely why the acquisition aligns with OpenAI’s strategy for Frontier. Designed to function as “AI coworkers” with access to critical business systems like CRMs and data warehouses, agents operating on the Frontier platform create a substantially enlarged attack surface. For early enterprise clients such as Uber, State Farm, and Intuit, a malfunctioning agent represents a serious liability, not a minor glitch. Securing these systems is therefore paramount.
OpenAI has been rapidly expanding Frontier’s ecosystem, forming alliances with major consulting firms like Accenture and McKinsey to drive enterprise adoption. The acquisition of Promptfoo coincides with the broader rollout of another internal security tool, now called Codex Security. This flurry of activity underscores a growing market trend, as evidenced by Anthropic’s recent launch of its own Claude Code Security product. As AI agents scale in production environments, the competition to provide their security is becoming a central commercial battleground in enterprise AI.
For the extensive open-source community behind Promptfoo, which includes over 248 contributors and users at companies like Anthropic and Google, OpenAI’s commitment to maintaining the project’s open-source status is a critical assurance. The tool’s widespread adoption was built on its independence from any single vendor. Its future now involves a deep commercial integration into one of the market’s most influential AI platforms, balancing its community roots with powerful new corporate backing.
(Source: The Next Web)
