OpenAI to acquire AI security platform Promptfoo

OpenAI are acquiring Promptfoo, an AI security platform that helps enterprises identify and remediate vulnerabilities in AI systems during development. Once the acquisition is finalized, OpenAI will integrate Promptfoo’s technology directly into OpenAI Frontier, their platform for building and operating AI coworkers.

As enterprises deploy AI coworkers into real workflows, evaluation, security, and compliance become foundational requirements. Enterprises need systematic ways to test agent behavior, detect risks before deployment, and maintain clear records to support oversight, governance, and accountability over time.

The Promptfoo team, led by Ian Webster and Michael D’Angelo, has built a powerful suite of tools trusted by over 25 percent of Fortune 500 companies, along with a widely used open-source⁠(opens in a new window) CLI and library for evaluating and red-teaming LLM applications. Together, the companies will continue building the open-source project while also advancing the integrated enterprise capabilities within Frontier.

“Promptfoo brings deep engineering expertise in evaluating, securing, and testing AI systems at enterprise scale. Their work helps businesses deploy secure and reliable AI applications, and we’re excited to bring these capabilities directly into Frontier,” said Srinivas Narayanan, CTO of B2B Applications, OpenAI.

OpenAI will build on several core capabilities for enterprises building agents on Frontier:

• Security and safety testing built into the platform: Automated security testing and red-teaming capabilities will become a native part of the Frontier platform, helping enterprises identify and remediate risks like prompt injections, jailbreaks, data leaks, tool misuse, and out-of-policy agent behaviors.
• Security and evaluation integrated in development workflows: Frontier will deeply integrate with the workflows needed to identify, investigate, and remediate agent risks earlier, making security a core part of how enterprise AI systems are developed and operated.
• Oversight and accountability: Integrated reporting and traceability will help organizations document testing, monitor changes over time, and meet growing governance, risk, and compliance expectations for AI.