OpenAI has acquired Promptfoo, an AI security startup specializing in “red-teaming” – a process of rigorously testing AI systems for vulnerabilities – in a move signaling a heightened focus on the security of its rapidly expanding enterprise AI offerings. The acquisition, announced Monday, will integrate Promptfoo’s technology into OpenAI’s Frontier platform, launched just last month, designed to give businesses access to powerful AI agents capable of automating complex tasks.
The move comes as AI agents gain traction in enterprise settings, prompting concerns about potential misuse, data breaches, and unintended consequences. Promptfoo’s tools are designed to proactively identify and mitigate these risks, offering a critical layer of security for organizations deploying AI at scale. The company has established itself as a key player in the emerging field of AI security, with a user base that includes over 30% of Fortune 500 companies, according to Promptfoo.
Promptfoo’s origins lie in the challenges faced by its co-founder, Ian Webster, while leading LLM engineering at Discord. He observed a gap in the security tools available for AI applications, noting that traditional vulnerability scanners were ill-equipped to handle the unique risks posed by large language models (LLMs), such as prompt injection attacks. “Traditional vulnerability scanners could not reason about prompt injection,” the company explained in a blog post announcing the acquisition. Webster initially built Promptfoo as an open-source project to address this necessitate, and it quickly gained traction within the developer community.
The acquisition price was not disclosed, but Promptfoo had raised approximately $23.4 million in funding prior to the deal, including a $5 million seed round in 2024 led by Andreessen Horowitz and an $18.4 million Series A round in July 2025 led by Insight Partners, with participation from a16z. Notable angel investors in the company included Shopify CEO Tobi Lütke, Discord CTO Stanislav Vishnevskiy, and Okta co-founder Frederic Kerrest, demonstrating early confidence in the company’s potential.
Automated Adversarial Testing for AI Systems
Promptfoo’s platform functions as an automated adversary, simulating attacks on AI applications through their chat interfaces or APIs. This allows developers to identify vulnerabilities like prompt injection, data leakage, and “application-level” failures – instances where an AI system promises capabilities it doesn’t possess or reveals sensitive information. The platform then analyzes successful attacks and iteratively refines its testing strategies to uncover deeper weaknesses.
This approach is particularly relevant to OpenAI’s Frontier platform, which aims to provide “AI coworkers” for businesses, granting AI agents access to critical systems like CRM platforms and data warehouses. Early adopters of Frontier include major corporations such as Uber, State Farm, Intuit, and Thermo Fisher Scientific, highlighting the need for robust security measures. OpenAI has likewise been simultaneously rolling out Codex Security, an AI-powered application security agent, further demonstrating its commitment to securing its enterprise AI offerings.
A Growing Market for AI Security
Promptfoo isn’t the only company addressing the growing need for AI security. Anthropic recently launched Claude Code Security, offering similar vulnerability scanning capabilities. This convergence suggests that securing AI systems is rapidly becoming a key competitive battleground in the enterprise AI space.
OpenAI has pledged to maintain Promptfoo as an open-source project under its current license, ensuring continued support for its existing community of over 248 contributors and developers at companies like Anthropic and Google. This commitment is crucial, as the project’s success has been built on the premise of community ownership and collaboration.
What’s Next for AI Security
The acquisition of Promptfoo underscores the increasing importance of AI security as these technologies grow more deeply integrated into business operations. As AI agents gain greater access to sensitive data and critical systems, the need for proactive security measures will only intensify. The continued development and adoption of tools like Promptfoo, and the open-source commitment from OpenAI, will be vital in ensuring the responsible and secure deployment of AI at scale.
What are your thoughts on the acquisition? Share your insights in the comments below, and don’t forget to share this article with your network!
