Proofpoint joins OpenAI cyber programme for GPT-5.5

Proofpoint has joined the OpenAI Daybreak Cyber Partner Program, giving it access to GPT-5.5 for use in its security products, services and workflows.

The partnership is focused on defensive cyber operations rather than direct customer access to OpenAI's models. Under the programme, Proofpoint plans to apply the model to threat investigation, alert enrichment, intelligence analysis and incident response within systems it manages on behalf of customers.

The move places Proofpoint among a group of cybersecurity companies working with OpenAI to apply artificial intelligence to day-to-day security operations. It also reflects a broader shift as vendors look to automate more of the work involved in handling alerts, analysing incidents and responding to attacks.

Security teams are under growing pressure as the volume and complexity of threats increase. That has pushed suppliers to build more AI into managed services and software tools, especially where analysts must process large amounts of data quickly and decide which incidents require urgent action.

Proofpoint said its participation in the programme will support customer-facing defensive use cases without giving customers direct access to OpenAI models. That distinction matters for providers seeking tighter control over how models are used in security environments, including how outputs are monitored and safeguards applied.

Operational focus

Within Proofpoint, the integration is expected to feed into managed products, security services and internal workflows. The main areas of focus include faster threat investigation, stronger alert context, quicker incident-response triage and broader support for security analysts handling heavy workloads.

The company also linked the collaboration to Satori, its agentic AI offering for security teams. It already uses OpenAI models within Satori and expects GPT-5.5 to expand the system's ability to help analysts reduce manual effort and respond to changing threats.

Agentic AI has become a growing focus for security suppliers as they try to move beyond simple chatbot functions to systems that can complete sequences of tasks with limited human input. In practice, that can include gathering evidence from multiple sources, ranking alerts, drafting investigative summaries and helping security teams decide on next steps.

At the same time, the use of AI in cyber defence has raised concerns about governance, safety and misuse. Vendors and customers alike are under pressure to show how models are monitored, what controls are in place and how organisations can prevent AI systems from creating new vulnerabilities.

Proofpoint said its work with OpenAI will include a focus on governance, monitoring, safety controls and abuse prevention. The aim is to strengthen defensive work while maintaining accountability over how the technology is deployed.

Ryan Kalember, Chief Strategy Officer at Proofpoint, outlined the company's position on the partnership.

"Organisations are looking for practical ways to apply AI to strengthen cyber defence while maintaining strong governance and safety controls," said Ryan Kalember, Chief Strategy Officer at Proofpoint.

He added: "By incorporating GPT-5.5 through the OpenAI Cyber Partner Program into Proofpoint's products, services, and AI-powered security workflows, we can help security teams improve threat investigation, decision-making, and efficiency as they protect their people, data, and AI agents. This includes expanding capabilities across innovations such as Proofpoint Satori, our agentic AI solutions designed to reduce operational burden and help security teams adapt more quickly to evolving threats."

Broader market

The partnership comes as AI suppliers and security vendors deepen ties around enterprise and managed security uses. For model developers, cyber defence is a commercially important market where customers are willing to pay for automation that reduces staffing pressure and improves response times. For security companies, access to newer models can help them refresh products more quickly without building every part of the AI stack themselves.

Proofpoint's scale gives the announcement added weight. It says it works with more than 80 of the Fortune 100, more than 14,000 large enterprises and millions of smaller organisations. That customer base means any expansion of AI-driven workflows in its systems could affect a wide range of security operations across email, cloud and collaboration environments.

The use cases outlined by Proofpoint point to familiar pain points for security teams. Alert prioritisation remains a major challenge because many organisations still struggle with high volumes of notifications and limited analyst capacity. Incident response can also slow when staff must assemble context from separate systems before deciding whether an event is benign, suspicious or part of a wider attack.

AI tools are increasingly being pitched as a way to reduce that friction by generating context, summarising activity and recommending actions. But the success of those systems often depends less on the underlying model alone than on how closely it is tied to verified workflows, trusted data sources and review by security professionals.

Proofpoint's approach under the Daybreak programme appears to be built around that managed model rather than open-ended access for end users. Customers will benefit from defensive applications embedded in Proofpoint-run environments, while Proofpoint and OpenAI work on standards for governance, monitoring and abuse prevention.

Potential focus areas include faster threat investigation and analysis, improved alert enrichment and prioritisation, accelerated incident response and triage, enhanced threat intelligence generation and contextualisation, greater scalability for managed security operations and increased productivity for security analysts.