OpenAI Just Bought Its Own Security Auditor

Imagine hiring a security guard — then finding out the security company is owned by the building's landlord.

OpenAI announced Monday it has acquired Promptfoo, an AI security startup that helps companies find vulnerabilities in large language models before bad actors do. The deal's price tag wasn't disclosed. What was disclosed: Promptfoo had raised just $23 million since its 2024 founding, carried an $86 million valuation as of July 2025, and was already embedded inside more than 25% of Fortune 500 companies. That last number is the one worth sitting with.

What Promptfoo Actually Does

Founded by Ian Webster and Michael D'Angelo, Promptfoo built tools that let security teams stress-test LLMs — probing for weaknesses that could let attackers extract sensitive data, manipulate model behavior, or hijack automated workflows. It offered both an open-source library and an enterprise interface, which explains its unusually wide adoption for a company of its size.

Once the deal closes, OpenAI says Promptfoo's technology will be folded into OpenAI Frontier, its enterprise platform for AI agents. Three capabilities are being highlighted: automated red-teaming (simulating attacks before real ones happen), security evaluation of agentic workflows, and ongoing risk and compliance monitoring. OpenAI also committed to continuing development of Promptfoo's open-source offering — a promise that will be closely watched.

The Real Story: Enterprise AI Has a Trust Problem

This acquisition isn't really about technology. It's about a sales problem.

OpenAI is in the middle of a strategic pivot from consumer products toward enterprise contracts — the kind that come with procurement committees, legal reviews, and IT security sign-offs. AI agents, which autonomously execute digital tasks on behalf of users, are the centerpiece of that pitch. They can book meetings, query databases, draft contracts, and trigger workflows without human intervention at every step.

Sponsored

Advertise with Us

[email protected]

Sponsored

That autonomy is the selling point. It's also the liability. Every action an AI agent takes is a potential attack surface. A compromised agent with access to corporate systems isn't just an IT problem — it's a boardroom problem. And boardrooms don't sign multi-million dollar contracts on a promise.

By acquiring Promptfoo, OpenAI is essentially saying: don't just trust our AI, trust our security infrastructure too. It's a move to collapse the sales cycle — removing the step where an enterprise customer has to go find a third-party tool to audit the platform they're already paying for.

Three Ways to Read This Deal

For enterprise CIOs and CTOs, the integration is genuinely useful. Consolidating AI capability and security evaluation inside a single platform reduces friction. But it also raises the classic vendor lock-in concern. If OpenAI controls both the model and the security audit layer, how independently can that audit really function?

For the open-source security community, the acquisition is a moment of uncertainty. Promptfoo built its reputation in part by being independent and openly available. Big platform acquisitions have a mixed track record on open-source commitments — sometimes they flourish, sometimes they quietly wither. OpenAI's pledge to keep building the open-source offering will need to be backed by consistent action, not just a blog post.

For regulators and policymakers — particularly those drafting AI governance frameworks in the EU, UK, and US — this deal crystallizes a structural question that's been building for years. When an AI company internalizes the tools used to audit its own systems, who's actually checking? The EU's AI Act requires conformity assessments for high-risk AI systems. But if the assessment infrastructure is owned by the same entity being assessed, the independence of that process becomes murky.

Why the Timing Matters

OpenAI isn't alone in this race. Anthropic, Google DeepMind, and a growing field of enterprise AI vendors are all competing for the same regulated-industry contracts — finance, healthcare, legal, defense. The differentiator in those deals increasingly isn't benchmark performance. It's demonstrable safety and auditability.

Acquiring Promptfoo — a company already trusted by a quarter of the Fortune 500 — is a faster path to that credibility than building security infrastructure from scratch. It's also a signal to the market: the frontier labs are no longer just competing on model quality. They're competing on the full stack of enterprise trust.