New Solution Streamlines Protection Against Exploited Vulnerabilities in Minutes
In a rapidly changing cybersecurity landscape, organizations find themselves on the front lines of an increasing number of AI-powered exploit-driven attacks. A new solution, aptly named Active Exploits Protection, has been unveiled by Proofpoint, Inc., a prominent player in the cybersecurity and compliance sector. This innovative approach enables enterprises to significantly reduce their exposure to vulnerabilities that are actively exploited in real time, thereby turning intelligence into immediate, actionable protection across primary attack paths.
The evolving nature of cyber threats—exacerbated by the advanced capabilities of AI—has dramatically altered the risk landscape. With sophisticated AI models capable of autonomously discovering software vulnerabilities, the speed at which these vulnerabilities are weaponized has accelerated. According to industry experts, the gap between identifying a vulnerability and the threat being actively exploited has dwindled from months or years to mere hours. In some instances, attacks launch even before public threat tracking frameworks have caught up to the associated risks. This pressing scenario renders traditional patch-based security methods insufficient, underscoring the need for a robust, agile response strategy.
The cornerstone of Proofpoint’s new offering lies in its dual-source visibility into the actual exploitation of vulnerabilities. Rather than relying on theoretical data, Proofpoint provides insights grounded in real-world observations, often identifying threats before they are acknowledged in public risk frameworks. This is facilitated by a comprehensive attack telemetry system that monitors hundreds of millions of daily email interactions, backed by over 5,000 sensors globally. As of 2026, the system has generated more than three million alerts related to exploits, and it has identified 12 actively exploited Common Vulnerabilities and Exposures (CVEs) compared to just eight listed in the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog.
Sumit Dhawan, CEO of Proofpoint, commented on the urgency of the current situation, stating, "The speed at which threats are evolving has fundamentally changed the risk equation. It’s no longer enough to identify vulnerabilities. Organizations need to understand what attackers are exploiting in real time and reduce their exposure immediately." He emphasized that the combination of real-world exploit intelligence with immediate protective measures is vital for defending against swiftly spreading threats.
The issue of vulnerability overload is significant. With the volume of disclosed vulnerabilities skyrocketing due to AI acceleration, fewer than 6% of these vulnerabilities are actually observed being exploited in real-world attacks. This leaves security teams inundated with critical alerts, often forced to triage thousands of notifications without a clear understanding of which vulnerabilities pose the most significant risk. This situation typically leads organizations to allocate their resources based on severity scores, rather than informed by actual attacker behavior.
Active Exploits Protection aims to remedy this predicament by shifting the focus from merely increasing patch velocity to enabling real-time exposure reduction. By blending observed attacker activity with tangible protective measures, the solution allows security teams to prioritize remediation strategies that materially reduce risk and shrink the window between vulnerability discovery and defense action.
Concrete capabilities of this innovative solution include:
-
Prioritization of Actively Exploited Vulnerabilities: By leveraging Proofpoint’s extensive telemetry data from over three million organizations, including 14,000 large enterprises, the solution identifies vulnerabilities confirmed to be used in actual attacks. This prioritization is driven by observed attacker behavior rather than theoretical concerns.
-
Immediate Protection Activation: Perhaps the most compelling feature is the capacity for automatic translation of exploit intelligence into protective measures within approximately 35 seconds, achieving network-wide propagation in under 18 minutes. This remarkable speed reduces the exposure window for zero-day attacks to mere minutes, even before patching has commenced.
-
Accelerated Threat-Informed Decision-Making: The solution streamlines the process from threat identification to deployment of protective measures, offering real-time contextual insights for investigations. Additionally, customers can tailor attack intelligence through API access, integrating seamlessly with existing Security Operations Center (SOC) tools and vulnerability management platforms.
- Scalability with AI-Driven Workflows: Designed to accommodate modern security operations, Active Exploits Protection lays the groundwork for automated workflows that leverage AI. This integration enables organizations to significantly reduce manual triage efforts and operationalize vulnerability exposure reduction at scale.
Vishal Salvi, Global Head of Cognizant’s Cybersecurity Service Line, remarked on the importance of focus in countering these AI-accelerated threats, stating, "Enterprise security teams need a sharper view of what attackers are targeting." He expressed confidence that Proofpoint’s Active Exploits Protection provides that necessary focus and noted Cognizant’s commitment to helping clients operationalize it through managed security and threat response services.
Proofpoint’s Active Exploits Protection is now available for global deployment, accessible through integrated platform capabilities and API connections. For organizations eager to navigate the complexities of the ever-evolving vulnerability landscape, this solution represents a significant leap forward in proactive cybersecurity measures.
For additional insights and details about the solution, readers are encouraged to visit Proofpoint’s dedicated resources online.