Proofpoint, in the weeks and months ahead, is readying a raft of sets of artificial intelligence (AI) agents that promise to both automate tasks and provide more robust data security.

Tim Choi, group vice president for product marketing at Proofpoint, said AI agents will soon have access to massive amounts of data, which will make them a tempting target for cybercriminals. The AI agents being developed by Proofpoint will address everything from detecting malicious prompts embedded in emails that direct AI agents to perform a task to limiting what sensitive data can be accessed by an AI agent.

At the same time, Proofpoint is also building a series of Satori AI agents that, beginning next year, will automate security tasks such as responding to data loss prevention (DLP) alerts or investigating email threats reported by end users.

At the core of this initiative is a Model Context Protocol (MCP) server that Proofpoint has developed to create a Secure Agent Gateway that controls how AI agents access data, monitors agent activity, enforces data usage policies, and blocks or redacts sensitive data before it is shared with humans or other agents. Third-party AI agents such as CrowdStrike Charlotte and Microsoft Copilot will also be able to leverage the Proofpoint MCP server to invoke Proofpoint Satori Agents to collaborate across platforms, accelerating security operations, automating repetitive tasks and driving improved security outcomes.

There is also now a separate Proofpoint AI Data Governance tool that enables cybersecurity teams to discover both sanctioned and unsanctioned AI usage, apply prebuilt policies to prevent exfiltration and privacy violations, and govern access via automated workflows.

That latter capability is especially critical because it’s already become apparent that AI agents can be easily manipulated in ways that expose sensitive data or, worse yet, enable cybercriminals to compromise an entire business process.

At the same time, Proofpoint has launched Proofpoint Data Security Complete, an offering that uses Autonomous Custom Classifiers to enable organizations to locate their sensitive data, classify it correctly, control who has access to it, and monitor how people interact with it across all channels, It also can be used to create a consolidated data risk map in addition to enabling one-click remediation of issues via integration with the rest of Proofpoint portfolio.

It’s not clear to what degree cybersecurity teams are revamping their strategies in the age of AI, but it’s now only a matter of time before they will be required to know exactly where every piece of data resides and how it is being managed, said Choi. The only way to achieve that level of visibility and control will be to rely on AI agents, he added.

Of course, adversaries are making similar investments in AI, which in effect means most organizations are now caught up in an AI arms race. The only thing that remains to be seen now is how many organizations might lose that race simply because they lacked the resources or resolve to invest in a next-generation of tools and platforms designed to combat entirely new types of attacks that are only going to increase in volume, speed and sophistication.