Just as digital transformation created the digital workspace, AI transformation is ushering in the agentic workspace. In this emerging environment, people and AI agents collaborate side by side. But, while AI agents boost productivity for organizations, they also help attackers scale and amplify the attack surface. Generative AI tools enable attackers to quickly generate convincing phishing lures and realistic fake login pages at scale. Attackers can also deliver hidden prompts that deliver malicious information to end users, confuse AI-based defenses, and even exfiltrate data that an AI assistant has access to.
In effect, the agentic workspace enables adversaries to hijack trust as the major attack method. That includes the trust you have with your co-workers, suppliers, customers, and partners. It also includes the trust your employees have with the tools they use every day, such as email, collaboration apps, cloud apps, and now AI copilots and assistants. As a result of the new agentic workspace, organizations need to approach protecting their organizations from threats in a different way. To do so, they need a holistic platform that:
- Understands complex, multi-channel interactions that happen between humans
- Uncovers and protects against multi-channel threats
- Authenticates human, application, and agent communications
- Builds human resilience and enables safe adoption of the agentic workspace
- Leverages agents as a force multiplier for security teams
Proofpoint provides a comprehensive platform that enables people and agents to trust agentic workspace collaboration. Here are some innovations that we are introducing at our 2025 Protect conference.
Understand complex, multi-channel interactions
Business value is created through collaboration and communication that happens between our users and suppliers, customers, co-workers and other trusted entities. These interactions don’t just happen over email. They happen over collaboration platforms like Teams and Slack. They happen over SaaS and cloud apps. And in the agentic workspace, they happen with AI copilots, assistants, and agents. These trusted interactions are what threat actors exploit and where the risk lives.
As a result, security teams need to see these complex, multi-channel interactions, graph them together and understand how they connect. Beyond that, threats need to be overlaid against this interaction graph so that teams can understand the full breadth of an attack and where to prioritize their investigations.
To that end, Proofpoint is announcing Threat Interaction Map, available in Q1 2026 as part of Prime Threat Protection™. Threat Interaction Map helps SOC teams visualize and map user interactions with threats across multiple channels and stages. By visualizing a user’s interaction with a threat, it provides a consolidated, at-a-glance view of safe versus risky interactions. Examples include:
- Safe: No permitted clicks on malicious links, no suspicious logins, no corporate password entered
- Risky: Clicking a malicious link, entering credentials, suspicious login attempts
This visibility saves SOC analysts valuable time by showing them where to spend their time.
Figure 1. Threat Interaction Map accelerates threat response by visualizing interactions across multiple channels and groups.
Uncover and protect against multi-channel threats
Enabling trusted interactions requires advanced threat detection across multiple channels and stages, not just email. This detection must be powered by world-class threat research that tracks threat actors and their latest tactics. More importantly, it also requires data and visibility across the network of organizations that are targeted.
Proofpoint has identified new threats designed to exploit AI assistants by embedding hidden malicious prompts in emails. These prompts exploit user trust of AI assistants like Microsoft Copilot or Google Gemini. When the assistant summarizes the email, the hidden prompts are executed without the user ever noticing.
The consequences can be severe: malicious information may be delivered to users, AI-based defenses can be misled, dangerous commands executed, scam emails sent to entire contact lists, and sensitive data exfiltrated. These prompt injections can evade traditional security measures—but Proofpoint protects against such threats with pre-delivery detection and blocking.
In Q4 2025, we are extending our Nexus detection models to defend against AI exploits delivered via email. The enhanced detection capabilities uncover hidden prompts designed to manipulate AI tools and weaponize email. Our large language models (LLMs) interpret intent and identify concealed instructions that could trigger malicious commands, blocking these messages before they ever reach inboxes connected to AI assistants.
Figure 2. Proofpoint detects the hidden prompts in emails designed to exploit AI assistants. Messages carrying AI exploitation risks are blocked before delivery.
Another common channel of attack is credential theft and account takeover via malicious login pages. With the emergence of AI website builders, attackers can generate full websites for credential phishing and even multifactor authentication (MFA) phishing kits at scale. These AI tools drastically lower the barrier to entry for digital crime, enabling even low-skilled actors to spin up convincing phishing pages without coding knowledge.
To address this, Proofpoint is releasing SSO Password Guard in Q1 2026, a new capability that detects and prevents entry or reuse of corporate passwords. If a user attempts to enter corporate credentials across unsanctioned apps or websites, SSO Password Guard detects and blocks the submission in real time. At the same moment, users receive a contextual nudge explaining why password reuse is risky and guiding them to make safer choices.
This reduces the risk of account takeover by adding another layer of defense—at login time—and delivers in-the-moment education on why reusing passwords is risky.
Figure 3. SSO Password Guard blocks employees from entering or reusing corporate passwords across unsanctioned apps and websites, reducing the risk of ATO.
Authenticate human, application, and agent communications
Attackers exploit human trust—whether in people, applications, or agents. Impersonation risk is everywhere: attackers can pose as your suppliers to target you, or impersonate you to deceive your partners, customers, and vendors. In the agentic world, establishing trusted communications requires authenticating every interaction—human, application, and agent.
Proofpoint helps organizations mitigate impersonation risk by authenticating the identity of people and applications in email communications. We protect your messages with trusted partners, customers, and suppliers against threats like domain spoofing, lookalike domains, and compromised supplier accounts. With comprehensive visibility into all emails sent “as you”—including those sent from third-party SaaS partners and applications—Proofpoint gives you better control and stronger protection against the abuse of your trusted domains used in communications.
Build human resilience
People are attackers’ primary target. But they can also be your strongest line of defense when they’re equipped with the right knowledge and tools. In today’s ever-changing threat landscape, it’s critical that employees are educated on emerging threats and the evolving tactics that are used against them. Tailoring training and phishing simulations to employees’ roles and attack exposure keeps them engaged. What’s more, their resilience is strengthened through more effective learning.
Proofpoint is introducing ThreatFlip in Q4 this year, an AI-powered phishing simulation workflow that transforms real-world phishing attacks into safe simulations. SOC analysts select an active phishing message detected and blocked by Proofpoint in the Threat Protection Workbench to use in simulation. From there, AI automatically scrubs malicious elements and removes personally identifiable information (PII). It then produces a safe, ready-to-use phishing template—and all this can be done with a single click.
ThreatFlip also powers an improved simulation workflow. When someone falls for a phishing test, it delivers customized, contextual learning. AI automatically suggests dynamic Phish Hooks that highlight the lures, saving admins time while improving learning effectiveness. As a result, the Teachable Moments that appear after phishing tests are more engaging and memorable, helping users retain knowledge and build lasting resilience.
The new AI-powered ThreatFlip transforms real-world phishing attacks into safe simulations while automatically creating customized, in-the-moment learning.
Leverage AI agents as a force multiplier for security teams
While the agentic workspace introduces more risk, it also creates opportunities to use AI agents to accelerate security operations and response. We’re introducing Proofpoint Satori™, AI agents that help SOC and security awareness teams scale and automate key tasks. Read more about Proofpoint Satori Agents and how they’ll be a force multiplier for your organization.
Conclusion
Proofpoint’s collaboration security capabilities address the foundational risks of the agentic workspace by providing a holistic platform that ensures trusted interactions—human to human, agent to agent, and human to agent. To learn more, visit Proofpoint’s Prime Threat Protection or contact Proofpoint to book a meeting.
