Proofpoint Advances Cyber Defense with Active Exploits Protection Against AI-Driven Threats
In a significant move to bolster cybersecurity, Proofpoint has introduced Active Exploits Protection, a solution aimed at helping organizations combat the rising threat of AI-accelerated cyberattacks. This innovative tool leverages real-time threat intelligence derived from Proofpoint’s extensive telemetry, enabling organizations to identify vulnerabilities that are actively exploited in the wild. By translating this intelligence into immediate protective measures, the solution addresses critical attack vectors that are increasingly targeted by cybercriminals.
The Evolving Threat Landscape
The landscape of cybersecurity is rapidly changing, driven by advancements in artificial intelligence. Sophisticated AI models, including those capable of autonomously discovering software vulnerabilities, are accelerating the pace at which these vulnerabilities are identified and weaponized. This shift has rendered traditional patch cycles inadequate, as the time from vulnerability discovery to active exploitation has shrunk from years to mere hours. In some instances, attacks are initiated before the risks are even cataloged in public tracking frameworks. As a result, conventional patch-based security strategies are struggling to keep pace with the speed of emerging threats.
Real-World Exploitation Intelligence
Proofpoint’s strength lies in its dual-source visibility into how vulnerabilities are exploited in real-world scenarios, often before they are acknowledged in public risk assessments. The company’s attack telemetry encompasses hundreds of millions of daily email interactions, supported by a global network of over 5,000 sensors. This infrastructure has generated more than three million exploit-related alerts in 2026 alone. Notably, Proofpoint has identified 12 actively exploited CVEs (Common Vulnerabilities and Exposures) for 2026, compared to just eight listed in the CISA’s Known Exploited Vulnerabilities (KEV) catalog. Active Exploits Protection operationalizes this intelligence, transforming real-world malicious activity into prioritized remediation strategies and immediate defenses.
Sumit Dhawan, CEO of Proofpoint, emphasized the urgency of adapting to the evolving threat landscape. He stated, “The speed at which threats are evolving has fundamentally changed the risk equation. It’s no longer enough to identify vulnerabilities. Organizations need to understand what attackers are exploiting in real time and reduce their exposure immediately. By combining real-world exploit intelligence with protections across the primary attack paths, we can help defend at the speed today’s threats spread.”
Addressing Vulnerability Overload
As the volume of disclosed vulnerabilities continues to surge, with AI accelerating discovery, it is noteworthy that fewer than 6% of these vulnerabilities are ever observed being exploited in real-world attacks. Security teams often find themselves overwhelmed by numerous “critical” findings, forced to sift through thousands of alerts without clear indicators of what truly heightens risk. This situation frequently leads organizations to allocate resources based on theoretical severity scores rather than actual attacker behavior.
Active Exploits Protection aims to shift this paradigm, allowing organizations to move beyond mere patch velocity toward real-time exposure reduction. By grounding its approach in observed attacker activity, the solution empowers security teams to concentrate their remediation efforts on vulnerabilities that materially reduce risk. This strategy not only shortens the window between vulnerability discovery and defense but also helps to thwart exploit-driven threats before they can disrupt business operations.
Core Capabilities of Active Exploits Protection
To facilitate this operational shift, Active Exploits Protection offers four key capabilities:
-
Prioritize Actively Exploited Vulnerabilities: The solution identifies vulnerabilities confirmed to be in active use based on Proofpoint’s telemetry, which spans over 3 million organizations and 14,000 large enterprises. This prioritization is informed by observed attacker behavior rather than theoretical severity scores, enabling security teams to focus their remediation efforts on vulnerabilities that pose the greatest risk.
-
Enable Immediate Protection: Exploit intelligence is translated into protective measures in approximately 35 seconds, with network-wide implementation occurring in under 18 minutes. This rapid response reduces the exposure window for zero-day and newly weaponized threats to a median of mere minutes, even before patching has commenced. The platform maintains an impressive detection precision of 99.999% across more than two billion emails analyzed daily.
-
Faster, Threat-Informed Decisions: Active Exploits Protection streamlines the transition from threat identification to protection deployment. It provides real-time context for investigations and allows customers to access and customize attack intelligence via APIs. The solution seamlessly integrates with existing Security Operations Center (SOC) tools, vulnerability management platforms, and automation pipelines.
-
Scale with AI-Driven Workflows: Tailored for modern security operations, the solution lays the groundwork for AI-driven and automated workflows. By embedding exploit intelligence directly into operational processes, organizations can minimize manual triage and effectively operationalize exposure reduction at scale.
Global Availability and Future Implications
Proofpoint’s Active Exploits Protection is now available globally, delivered through integrated platform capabilities and API access. This development not only enhances the security posture of organizations but also reflects a broader trend in the cybersecurity industry toward real-time, intelligence-driven defense mechanisms.
As organizations continue to grapple with the complexities of modern cyber threats, solutions like Active Exploits Protection represent a crucial step forward. By focusing on real-world exploitation and enabling immediate protective measures, Proofpoint is positioning itself as a leader in the fight against increasingly sophisticated cyber adversaries.
Source: securitymea.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.


