At RSA Conference 2026, Proofpoint announced Proofpoint AI Security, a platform built on what the company calls intent-based detection. The product surfaces from the acquisition of Acuvity, completed earlier in 2026, and packages that capability alongside a new governance construct called the Agent Integrity Framework. On the surface, this reads as a product launch. Below the surface, it is a repositioning argument: Proofpoint is claiming that the dominant security problem of the agentic era is not access control but intent verification, and that it is the company best positioned to own that problem.

Whether that argument holds up is the right question for any Chief Information Security Officer considering this platform. The announcement gives enough to analyze.

The Problem Proofpoint Is Naming

The shift to agentic workspaces changes the threat surface in a specific way. When an AI agent executes a workflow, a single user request can trigger dozens of autonomous actions across multiple connected systems, often without further human review. Traditional security tooling was built to answer: does this user or system have permission to do this? It was not built to answer: is what this agent is doing consistent with what the user actually wanted?

That gap is real. A coding assistant with broad permissions can be manipulated through a prompt injection to exfiltrate data while appearing to perform a legitimate task. A workflow automation agent can escalate its own privileges across a chain of tool calls that individually look authorized. Proofpoint's framing, drawn from Acuvity's research, is that roughly 70 percent of organizations currently lack effective governance over these interactions, and half expect to experience AI-related data loss within a year. Those figures come from Acuvity's own 2025 survey, which Proofpoint now owns, so the sourcing has an obvious commercial interest baked in. But the underlying governance gap is independently observable. Most enterprises deployed AI tools faster than they deployed AI oversight.

What the Acuvity Acquisition Is Actually Delivering

Acuvity was building a product designed to monitor and govern AI tool usage in enterprise environments, with particular focus on developer toolchains and large language model integrations. The core technical contribution is visibility into the semantic content of AI interactions, not just the traffic metadata. That is the ingredient Proofpoint did not have organically.

Proofpoint AI Security operates across endpoints, browser extensions, and Model Context Protocol connections. The Model Context Protocol, or MCP, is the emerging standard that allows AI agents to connect to external tools and data sources. Coverage of MCP connections is worth noting because it is where the risk is migrating fastest: developer environments running agent-connected coding assistants and MCP-integrated tools are among the highest-exposure surfaces in the enterprise today, and almost no legacy security tooling has meaningful instrumentation there.

The Agent Integrity Framework: Governance Architecture or Marketing Structure?

The Agent Integrity Framework is a five-phase maturity model running from initial AI discovery through runtime enforcement. Its five pillars are Intent Alignment, Identity and Attribution, Behavioral Consistency, Auditability, and Operational Transparency. Proofpoint is framing this as a Chief Information Security Officer roadmap, a way to operationalize AI governance without requiring a full architecture replacement.

The framework structure is coherent. Enterprise security teams do need a phased approach to governing agent behavior, and the five pillars map reasonably to real governance requirements. The more practical question is whether the framework is primarily a conceptual contribution or whether each phase corresponds to specific Proofpoint product capabilities. Frameworks that arrive without testable controls tend to function as sales methodology rather than governance architecture. Proofpoint should be pressed on which phase of maturity corresponds to which product capability, and what happens when a customer reaches phase five but still has agent behavior the platform cannot explain.

The Broader RSA 2026 Picture for Proofpoint

The AI Security announcement was not the only move Proofpoint made at RSA Conference 2026. A week later, the company announced a unified email security architecture combining its Secure Email Gateway and application programming interface-based protection into a single deployment, alongside new AI data access governance capabilities covering human, non-human, and AI agent access to sensitive data. Data Security Posture Management, or DSPM, capabilities were extended to on-premises environments. These are expected in the second quarter of 2026.

Taken together, the RSA announcements form a consistent argument. Proofpoint is positioning itself as the platform that covers people, data, and AI agents in a single governance layer. The incumbent strength is in email security and data loss prevention. The new claim is that this foundation allows a natural extension to governing AI agent behavior, because the company already understands how to evaluate whether communications and data interactions align with authorized intent. That logical extension is plausible. Whether the Acuvity integration delivers it at the depth enterprise customers will require is not yet testable from public announcements alone.

What Proofpoint Is Betting

The bet is that intent-based verification becomes the organizing principle of enterprise AI security, the same way behavior-based detection displaced signature-based antivirus in endpoint security. If that framing wins, Proofpoint's combination of human communication security, data governance, and now agent intent monitoring gives it a differentiated position. If the market instead converges on identity-centric controls or on network-layer inspection, the intent framing becomes a feature rather than a category definition.

The MCP coverage is the sharpest edge of the announcement. Most security vendors are not yet instrumented at the agent-to-tool connection layer. Proofpoint is claiming it is. That claim deserves direct scrutiny in any proof-of-concept environment.

Sources

Proofpoint, Inc. "Proofpoint Unveils Industry's Newest Intent-Based AI Security Solution to Protect Enterprise AI Agents." GlobeNewswire, 17 Mar. 2026.
Proofpoint, Inc. "Intent by Design: Security for Autonomous AI." Proofpoint Blog, 17 Mar. 2026.
Proofpoint, Inc. "Proofpoint Redefines Email and Data Security for the Agentic Workspace." GlobeNewswire, 23 Mar. 2026.
Help Net Security. "Proofpoint Addresses AI Threats with Intent-Based Security." 17 Mar. 2026. Image Source: Grok. The image is not a representation of proofPoint's framework.