OpenAI to Acquire AI Security Startup Promptfoo to Strengthen Enterprise AI Safety and Red-Teaming Capabilities

By Ash K
OpenAI has announced plans to acquire Promptfoo, an artificial intelligence security startup known for developing tools that help organizations test and harden large language models against adversarial attacks. The acquisition reflects the growing importance of AI security as enterprises rapidly deploy generative AI systems across critical workflows, customer services, and internal automation platforms.

Promptfoo specializes in automated red-teaming and vulnerability testing for large language models and AI agents. Its platform allows security teams and developers to simulate attacks such as prompt injection, jailbreak attempts, and sensitive data leakage scenarios before AI applications are deployed into production environments.

The deal signals OpenAI’s broader strategy to embed advanced security testing capabilities directly into its enterprise AI ecosystem, particularly within its Frontier platform used by organizations building and operating AI copilots and automation systems.

Growing demand for AI security and red-teaming tools

As enterprises increasingly adopt generative AI technologies, security teams are facing a new category of threats involving the manipulation of language models through crafted prompts or malicious input. Prompt injection attacks, jailbreak attempts, and data exfiltration scenarios have become common concerns for organizations deploying AI assistants and automated decision systems.

Unlike traditional software vulnerabilities, AI models can behave unpredictably when exposed to carefully constructed prompts. Attackers may attempt to override system instructions, extract hidden data from training contexts, or manipulate outputs in ways that could lead to security incidents or reputational damage.

Promptfoo’s platform addresses these challenges by automating adversarial testing across AI systems. Developers can create testing scenarios that simulate realistic attack patterns, allowing organizations to evaluate how models behave under hostile conditions before releasing them into production environments.

The company’s technology has gained traction among security teams building AI applications for customer support automation, enterprise productivity tools, and digital assistants, where vulnerabilities in AI responses could potentially expose sensitive corporate information.

Promptfoo’s platform focuses on automated LLM testing

Promptfoo developed a testing framework designed specifically for large language models and AI agents. The system allows developers to define evaluation rules, generate adversarial prompts, and run automated test suites against AI models to identify weaknesses.

These tests can simulate scenarios such as prompt injection attempts designed to bypass safety controls, data leakage attempts that try to extract hidden information, and jailbreak techniques intended to override the model’s safety policies.

The platform also provides reporting tools that help engineering teams analyze model responses, measure risk exposure, and implement security guardrails before applications are deployed. In practice, this allows organizations to adopt a structured security testing approach similar to traditional penetration testing but tailored specifically for AI systems.

Promptfoo has raised more than $23 million in venture funding and was reportedly valued at approximately $86 million following a recent funding round that included an $18.4 million Series A investment. Its technology has attracted attention as organizations search for practical tools to evaluate AI safety risks at scale.

Integration into OpenAI’s enterprise ecosystem

Following the acquisition, OpenAI plans to integrate Promptfoo’s testing and red-teaming capabilities into its Frontier platform, which provides infrastructure and tools for enterprises building AI-powered applications. The integration will enable organizations to run automated security evaluations as part of their AI development workflows.

Security testing features are expected to include automated adversarial scenario generation, vulnerability scanning for prompt injection risks, and reporting tools that help organizations measure how their AI systems respond to malicious inputs.

Embedding these capabilities directly into enterprise AI platforms could simplify the process of securing AI systems. Instead of relying on external tools or manual testing procedures, developers would be able to conduct security evaluations during the application development lifecycle.

This approach mirrors the evolution of DevSecOps practices in traditional software engineering, where security testing has become integrated into continuous development pipelines rather than treated as a separate post-development activity.

Open source tools will continue to be supported

As part of the acquisition announcement, OpenAI indicated that it plans to continue supporting Promptfoo’s open source command line interface and developer library. These tools are widely used by developers experimenting with adversarial testing techniques and building custom security workflows for AI applications.

The continued development of open source testing tools is likely to benefit the broader AI research and security community. Independent researchers often rely on such frameworks to explore vulnerabilities in language models, evaluate safety controls, and contribute to the development of stronger AI defenses.

Maintaining an open ecosystem around AI testing tools also aligns with industry calls for greater transparency and collaboration in AI safety research. Many experts believe that identifying vulnerabilities early through open research can help prevent more serious misuse scenarios as AI systems become more powerful.

AI security becomes a strategic priority for technology companies

The acquisition reflects a broader trend across the technology industry, in which companies are investing heavily in AI safety and adversarial testing capabilities. As AI systems become integrated into enterprise operations, financial services, healthcare, and government systems, vulnerabilities in these models could have significant operational and security implications.

Organizations deploying AI are increasingly being advised to treat language models as complex software systems that require rigorous testing, monitoring, and security controls. This includes evaluating model behavior under adversarial conditions, implementing guardrails to prevent misuse, and monitoring outputs for anomalies.

With generative AI adoption accelerating across industries, the integration of specialized AI security platforms such as Promptfoo into major AI ecosystems could play a crucial role in helping enterprises deploy AI technologies safely and responsibly.

Ash K
Ashton is a seasoned cybersecurity professional with over 25 years of experience in cybersecurity research, cybersecurity incident response, products, and security solutions architecture.