Lawrence Jengar
Mar 19, 2026 00:16
OpenAI announces acquisition of Promptfoo, an AI security platform used by 25% of Fortune 500 companies, to integrate into its Frontier enterprise platform.
OpenAI announced plans to acquire Promptfoo, an AI security testing platform already deployed across more than 25% of Fortune 500 companies. The deal, announced March 17, 2026, will fold Promptfoo’s vulnerability detection tools directly into OpenAI Frontier, the company’s enterprise platform for building AI-powered workflows.
Financial terms weren’t disclosed. The acquisition remains subject to standard closing conditions.
What Promptfoo Actually Does
Founded by Ian Webster and Michael D’Angelo, Promptfoo built both an open-source CLI tool and enterprise platform for stress-testing AI applications. Think penetration testing, but for large language models. The platform catches prompt injections, jailbreaks, data leaks, and what OpenAI calls “out-of-policy agent behaviors” before they hit production.
“As AI agents become more connected to real data and systems, securing and validating them is more challenging and important than ever,” Webster said in the announcement.
The open-source project will continue development post-acquisition, OpenAI confirmed.
Why This Matters for Enterprise AI
OpenAI’s been on a buying spree. This marks at least the sixth acquisition since late 2025, following io Products ($6.5 billion, May 2025), Statsig ($1.1 billion, September 2025), Software Applications Inc. (October 2025), and Neptune (December 2025).
The pattern? OpenAI is building a complete enterprise stack. Statsig brought product testing. Neptune handles model training infrastructure. Now Promptfoo adds security and red-teaming capabilities.
“Promptfoo brings deep engineering expertise in evaluating, securing, and testing AI systems at enterprise scale,” said Srinivas Narayanan, OpenAI’s CTO of B2B Applications.
Frontier Gets Security Upgrades
Post-acquisition, Frontier users can expect automated security testing baked into the platform, integrated compliance reporting, and what OpenAI describes as “traceability” features for governance requirements. Companies deploying AI agents will get tools to document testing and monitor behavioral changes over time.
For enterprises already nervous about deploying autonomous AI systems, these capabilities address real concerns. Regulators worldwide are tightening AI governance requirements, and having audit trails matters.
The acquisition closes a gap that’s been widening as AI agents move from demos to production deployments handling actual business operations.
Image source: Shutterstock
