OpenAI is acquiring Promptfoo, an AI security platform designed to help enterprises detect and remediate vulnerabilities in AI systems during the development process, the company announced on its official blog.
The move comes as AI security has emerged as a critical concern for enterprise buyers deploying large language models in production environments. Promptfoo, which operates as an open-source-rooted testing and red-teaming platform, allows developers to probe AI applications for weaknesses — including prompt injection, data leakage, and model misbehaviour — before those systems reach end users.
This acquisition positions OpenAI not just as a model provider, but as a full-stack partner for enterprises that need to build, test, and secure AI applications.
Why OpenAI Is Moving Into AI Security Tooling
OpenAI's existing enterprise push — centred on ChatGPT Enterprise, the API, and its Assistants product line — has increasingly brought the company into contact with large organisations that require compliance, auditability, and risk management. Acquiring a dedicated security testing platform addresses a gap: OpenAI could train and deploy capable models, but enterprises needed third-party tools to verify that their implementations of those models were safe.
By bringing Promptfoo in-house, OpenAI can integrate vulnerability testing and evaluation tooling directly into the developer experience. This reduces friction for enterprise customers who would otherwise need to work with separate vendors for model access, application development, and security validation.
What Promptfoo Does — and Why It Attracted OpenAI
Promptfoo built its reputation in the developer community partly through its open-source tooling, which allows teams to run automated evaluations — known as evals — against AI systems. These evals test how a model or AI application responds to adversarial inputs, edge cases, and attempts to bypass safety guardrails.
The platform sits at the intersection of two fast-growing categories: AI evaluation and AI red-teaming. Enterprises increasingly require both before approving AI deployments, particularly in regulated industries such as finance, healthcare, and legal services. Promptfoo's approach of integrating security testing into the development pipeline — rather than treating it as a post-deployment audit — aligns closely with how engineering teams want to work.
Financial terms of the acquisition were not disclosed by OpenAI, and headcount figures for Promptfoo were not included in the announcement.
Competitive Implications for the AI Security Market
The acquisition puts pressure on a cluster of startups and established players operating in the AI security and evaluation space. Companies such as Protect AI, Robust Intelligence (acquired by Cisco in 2024), and Mindgard compete in adjacent territory, offering vulnerability scanning and red-teaming services for AI systems. Promptfoo's absorption into OpenAI removes one independent vendor from that market and raises the prospect that OpenAI's security tooling could become the default for the large number of developers already building on its API.
For Microsoft, OpenAI's largest investor and commercial partner, the deal has potential implications. Microsoft has its own AI safety and evaluation initiatives under Azure AI, and closer integration of Promptfoo's capabilities into OpenAI's stack could create new alignment — or new tension — between the two companies' enterprise offerings.
What Happens Next for Promptfoo's Open-Source Community
One of the more consequential near-term questions is what OpenAI intends to do with Promptfoo's open-source codebase. A significant portion of Promptfoo's developer adoption came through its freely available tools, and the open-source community around AI evaluation is active and vocal. OpenAI did not specify in its announcement whether the open-source project would continue under its current licence or be brought under a more restrictive model.
The answer matters beyond Promptfoo's existing users. If OpenAI maintains the open-source posture, it could accelerate adoption of its security standards across the industry. If it closes or limits the project, it risks alienating the developer community that gave Promptfoo its credibility in the first place.
What This Means
OpenAI is expanding its ambition beyond model development into the infrastructure layer that enterprises need to deploy AI responsibly — and the Promptfoo acquisition is a concrete step toward making OpenAI the end-to-end platform of choice for security-conscious enterprise buyers.