Proofpoint Introduces Active Exploits Protection to Help Organizations Prioritize Vulnerability Patching for Real-World Attacks in the AI Era

Proofpoint, Inc. introduced Active Exploits Protection, a solution that uses observed exploit activity to identify vulnerabilities actively abused in the wild and translate that intelligence into immediate protection across the primary attack paths. The company framed the update around faster cycles for exploit discovery and weaponization that can outpace patch-based approaches.

The company linked its approach to dual-source visibility into how vulnerabilities are exploited, often before public risk frameworks reflect the risk. Proofpoint said its attack telemetry spans hundreds of millions of daily email interactions and a network of more than 5,000 sensors, which generated over three million exploit-related alerts in 2026 alone. Proofpoint added that it identified 12 actively exploited 2026 CVEs compared to eight listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog.

Active Exploits Protection operationalized Proofpoint’s exploit intelligence into remediation prioritization and protections across primary attack paths. The solution’s described capabilities included identifying vulnerabilities confirmed to be used in the wild based on Proofpoint telemetry, translating exploit intelligence into protection in approximately 35 seconds with network-wide propagation in under 18 minutes, and maintaining 99.999% detection precision. Proofpoint also said the solution shortened the time between threat identification and protection deployment, added real-time context for investigations, and enabled customers to access and tailor attack intelligence via APIs, while integrating with existing SOC tools, vulnerability management platforms, and automation pipelines.

The company said Active Exploits Protection delivered four core capabilities and was available globally today through integrated platform capabilities and API access. Sumit Dhawan, CEO of Proofpoint, said, “The speed at which threats are evolving has fundamentally changed the risk equation,” said Sumit Dhawan, CEO of Proofpoint. “It’s no longer enough to identify vulnerabilities. Organizations need to understand what attackers are exploiting in real time and reduce their exposure immediately. By combining real-world exploit intelligence with protections across the primary attack paths, we can help defend at the speed today’s threats spread.” Vishal Salvi, Global Head of Cognizant's Cybersecurity Service Line, said, “Proofpoint's Active Exploits Protection offers that focus, and Cognizant intends to help our clients operationalize it through our managed security and threat response services, so they can prioritize remediation where it matters most.”