In this interview from RSAC 2026, Sumit Dhawan, chief executive officer of Proofpoint, joins theCUBE's Dave Vellante to discuss how AI is extending the human attack surface and why intent-driven guardrails are the new imperative for enterprise security. Dhawan details the acquisition of Acuvity and the rapid launch of Proofpoint AI Security, a platform designed to protect AI agents from prompt-based exploitation the same way Proofpoint has long defended humans from social engineering. He explains why traditional semantic analysis falls short and how an ensemble of specialized language models detects malicious intent across trillions of messages.
The conversation also explores Proofpoint's approach to token economics, where Dhawan advocates for prioritizing adoption and experimentation over premature ROI measurement — encouraging employees across engineering, sales and support to embrace AI without restrictions. He unpacks why the "SaaS apocalypse" narrative unfairly paints all software companies with the same brush, arguing that cybersecurity providers with proprietary data and continuous threat intelligence enjoy a compounding network effect that widens their competitive moat over time. Dhawan also outlines his framework for enterprise security consolidation, identifying five emerging platform categories — endpoint and XDR, SOC automation, identity, network and SASE, and human plus AI behavior — where organizations are converging on fewer strategic partners rather than chasing a single-provider model. From defending against multi-step prompt attacks to redefining how enterprises structure their security stacks for the agentic era, he provides a practical roadmap for balancing rapid AI adoption with the guardrails needed to keep both humans and machines in check.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC 2026 Conference. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Register for RSAC 2026 Conference
Please fill out the information below. You will receive an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSAC 2026 Conference.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC 2026 Conference. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Sign in to gain access to RSAC 2026 Conference
Please sign in with LinkedIn to continue to RSAC 2026 Conference. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Sumit Dhawan, Proofpoint
In this RSAC 2026 interview, Sumit Dhawan of Proofpoint discusses emerging artificial intelligence-driven threats and Proofpoint's response, including the Acuvity acquisition and the launch of Proofpoint AI Security. Hosts Dave Vellante of theCUBE and Christoph Bertrand of theCUBE lead the conversation and draw on theCUBE Research to explore intent-based protection, language-model ensembles, continuous context engineering and strategies for protecting human and AI behavior.
Key takeaways include the need for intent-driven guardrails for AI and ongoing investment in threat intelligence. Dhawan explains that Proofpoint pairs continuous context engineering with global threat feeds and community reporting to detect evolving prompt-based attacks. They advise prioritizing adoption and experimentation over immediate return on investment measurement and argue that incumbency and a data advantage strengthen established security platforms. The segment highlights platform strategy, email security and insider risk within broader cybersecurity trends.
play_circle_outlineProofpoint Acquires Acuvity, Launches Proofpoint AI Security: Mitigating AI-Driven Social Engineering with Intent-Driven Guardrails
replyShare Clip
play_circle_outlineDetecting Multi-Message AI Attacks: Temporal Analysis Needed as Agentic Systems Enable Sophisticated Threats
replyShare Clip
play_circle_outlineIntent-based protection using language models to detect malicious communication intent
replyShare Clip
play_circle_outlineContinuous Context Updates for Adaptive Threat Models: Learning from Global Intel and Customer-Reported Misses with Twice-Weekly Retraining
replyShare Clip
play_circle_outlineProofpoint uses an ensemble of specialized models built from research lab foundations
replyShare Clip
play_circle_outlineTokenomics Strategy: Encourage Broad Internal AI Adoption First, Then Optimize Token Budgets by Role
In this interview from RSAC 2026, Sumit Dhawan, chief executive officer of Proofpoint, joins theCUBE's Dave Vellante to discuss how AI is extending the human attack surface and why intent-driven guardrails are the new imperative for enterprise security. Dhawan details the acquisition of Acuvity and the rapid launch of Proofpoint AI Security, a platform designed to protect AI agents from prompt-based exploitation the same way Proofpoint has long defended humans from social engineering. He explains why traditional semantic analysis falls short and how an ensemb...Read more
exploreKeep Exploring
How is your company addressing AI-related security risks, and what does the new Proofpoint AI Security product (from the Acuvity acquisition) do to protect enterprises?add
Is it harder, easier, or simply different to fool machines than to fool humans when it comes to detecting fraudulent or suspicious communications?add
How has your intent-based protection adapted to threats enabled by generative AI, and how do you protect against both external (social engineering) and insider threats?add
How do your threat-protection models learn and update — what sources of intelligence do they use and how often are updates applied?add
Do you build your own large (frontier) models or start from research-lab models — and how do you architect your system to efficiently detect different types of threats (phishing, fraud, malware)?add
How are you approaching token consumption and cost management for model-powered features — for your product and customers — and what strategy do you recommend regarding broad adoption versus measuring ROI?add
>> Hey everyone, welcome back to RSA, theCUBE's coverage RSAC 2026. We're here at Moscone West on the ground floor. Definitely stop by and see us. I'm Dave Vellante, Christoph Bertrand is also here and I'm pleased to welcome back to theCUBE Sumit Dhawan who is the CEO of Proofpoint. Good to see you again.
Sumit Dhawan
>> Good to see you again, Dave. Thanks for having me.
Dave Vellante
>> We've seen you in New York. We've seen you here every year, but it's not Groundhog Day. You can't get rid of me. Everything changes though, right?
Sumit Dhawan
>> It does.
Dave Vellante
>> It's like this industry is amazing. Every three months, it's something new that you got to stay on top of. So you guys are making some acquisitions. So let's start with the update. Since the last time we saw you, you've acquired Acuvity, right? What was the rationale behind that? Give us the overview. What have you been doing these days?
Sumit Dhawan
>> It's actually exciting times. We were talking about it. AI, it sort of created a lot of questions and almost no busy minute because you're always thinking about something, but also it's exciting. It's really exciting. Now, having said that, Acuvity is an acquisition we closed a few weeks ago and last week we released our first integrated product called Proofpoint AI security. The whole thesis behind that, Dave, was quite simple. If you look at the risks that enterprises have that got created for humans, humans were socially engineered and humans are the biggest source of data exfiltration. AI extends the same problem at a much, much, much bigger surface area. And AI is supposed to mimic humans, artificial intelligence, right? So it's mimicking human intelligence, but AI is susceptible even in a bigger way to the risks of social engineering. It's called prompt engineering. And the fact that AI can mishandle data and credentials. Okay? So we looked at this problem and we said, "Well, what is the fundamental problem with securing this AI? If it's similar to human, the risks are similar." And we said AI needs a framework of guardrails. By definition, humans are trusted in the enterprise and they have a code of conduct. All of us have code of conduct, or most people at least say they do. With AI, it doesn't understand code of conduct. And so as a result, if you're going to trust AI, you have to have some guardrails on top of it. Guardrails that are intent-driven. They can't be just, "Hey, this AI has access to this information." No, it needs to know exactly what it's doing with the information. And that's what activity was, and that's what our models were. And we combined the two together to introduce Proofpoint AI security.
Dave Vellante
>> Is it harder, easier, or just different in terms of being able to fool machines versus humans?
Sumit Dhawan
>> I think it's early. So I would say the good news is that we are seeing simple form of threats today, but I do think it's going to get more sophisticated and the challenge will become bigger because think about it with humans, we are able to stitch together the context. Now we are vulnerable due to urgency, right? Urgency creates an emotional response. And so a lot of times our models are detecting anomalies in communications with the sense of tone and urgency. When you combine the two together, it seems suspicious and our models can detect that, which is our language models that detect, for example, email security. With AI, it's slightly different. You can actually send four separate messages to AI and build a suspicious context. So our models are detecting that form of intent, which is, "Hey, what is happening over a period of time with the communication because that's building an intent that looks suspicious."
So it is difficult as well as different, but we haven't seen it yet. Okay. The good news is we haven't seen it yet, but I do suspect at this point in time with the availability of agentic technologies in the hands of bad actors, it won't be too long before they start issuing compromised attacks onto AI.
Dave Vellante
>> But your mission, the new mission is to validate the intent, correct? So just conceptually, how do you do that? You look for those attempts to fool the machine and you stop that? It sounds like a very hard problem and it's a very kind of fuzzy problem. Of course, AI is so probabilistic and fuzzy and its very nature.
Sumit Dhawan
>> It is in cybersecurity and in particular how Proofpoint started has always been fuzzy and probabilistic and non-deterministic. That by definition is the case.
Dave Vellante
>> So this is kind of market coming to you.
Sumit Dhawan
>> It's to some extent an extension of what we do. We've always done intent-based protection. We've always done using language models, detecting, is this communication intended for the wrong purpose? Okay. You can't do that with semantic analysis, Dave, anymore, because let's say if I'm a threat actor and I'm intent to breaking through to you with a social engineering attack, okay? In the past, when I didn't have generative AI solutions, I would write a message five times, and if I can't get through, then it'd be difficult for me to keep rewriting a message the sixth time, and semantic layer of protection was sufficient. So about 18 months ago, we created language models, which were intent-based protection, so that I can rewrite a message any number of times using generative technologies, and our models will detect the intent and block it. So that's what gave us confidence that even though the models have to be evolved, they are slightly different. The point of collection of signals as well as enforcement of guardrails are different for AI, but it's the promise, it's the domain knowledge, it's the expertise, it's what we do that gets extended from humans to AI. And if I'm a customer, I want to be able to see what's happening with human and AI working together as to the threats that are coming in from the outer world, and you're protected. And by the way, the same thing goes for insider risk, which is the two areas Proofpoint focuses on, external threats and insider threat, both of them being protected using the right intent of employees as well as AI.
Dave Vellante
>> So you're able to observe the behavior and then what the models learn from the reasoning traces of?
Sumit Dhawan
>> Our models today, for example, with our threat protection solutions, they learn from two ways. Okay. They're two ways of learning built into our models today. Firstly, they learn from our ever-growing threat intelligence. So we have threat researchers globally, and that threat researchers are assessing all the campaigns that are happening, and those campaigns are then getting fed back to our context engineering team, and that context engineering team is continually adding context. That happens on a million times a day. It's like every 20 minutes.
Dave Vellante
>> So it's virtually continuous.
Sumit Dhawan
>> It's continuous. And then secondly, whenever any of our customer reports a message we missed, that feeds into both our context engineering team and our data engineering team. Depending on the how, what kind of a campaign we missed, we then either update the model through training, which is twice a week, or if it's just a context that we have to give, we quickly add the context to the model, which is anytime. And so the entire community is protecting each other. Anyone who reports a single campaign that we missed, our models learn, so.
Dave Vellante
>> I have so many questions. Your threat intel had to evolve to accommodate.
Sumit Dhawan
>> Of course.
Dave Vellante
>> Can you sort of explain?
Sumit Dhawan
>> We have seen now attacks issued on AI exploitation. So our threat intelligence is looking for signals to sort of see the various communications that are happening on different channels. And we start seeing that the patterns of communications that is eventually leading to some kind of a malicious intent, assessing not just a single message, but essentially building the context of what communication is happening. That's an example of evolution of our threat.
Dave Vellante
>> So we're all sort of enamored of these large language models, the big four. And of course you see Zuckerberg trying to become five again. So the amount of investment that's going in there is just so impressive. But tell me more about your language models. Obviously, you've got proprietary data and you want to leverage that to differentiate. How do you work with the research labs?
Sumit Dhawan
>> Yeah, we work closely with them. We don't start with our own models. We don't go design our own frontier model. We use our data for both context engineering and data engineering to take a model that's large and we really shrink it down to perform one function. And it's an ensemble approach where we have tested because there are different types of threats. There could be fraud, there could be phishing, there could be potentially malware, all these different types of attacks. If you try to have one big model and say, "Hey, can you answer the question of whether this is either of these?" That may not be as efficient and can take up a lot of tokens and can spend a lot of cycles and time. But when you really ask them for discrete problems, have one model to answer one question and have a sophisticated network of these models that are processing trillions of messages on an annual basis, then you get the combination of both speed as well as efficiency, because economics matter. At the end of the day, you won't want to spend tons of tokens to process whether every message is phishing or not, okay? So that's how we have built this whole model, but we don't build our own model. We start from one of the research labs models and then we shrink it down.
Dave Vellante
>> So one of the buzzwords, of course, is tokenomics. We hear this all the time. Well, you remember that when the cloud first started, we didn't even really pay attention to the cost because it was so much less expensive than IT. That's not anymore.
Sumit Dhawan
>> That's not the case, yeah.
Dave Vellante
>> But in tokens, people are much more sensitive to token consumption. We were kind of joking, everybody's trying to open claw their business and you're always watching how many tokens. And the big question is, okay, well, what kind of value are enterprises getting? What are you seeing ... Two part question. What are you seeing in your world specifically? Because security's always had AI embedded.
Sumit Dhawan
>> 100%.
Dave Vellante
>> Machine learning for sure. And so it's nothing really new to the industry, but what are you seeing in enterprises in terms of the value that they're getting? Are they seeing ... Are you seeing the return on that token spend? And you listen to Jensen, if you heard them last week, he said, "If I have a half a million dollar engineer and he or she is only spending $5,000 a year on tokens, I'm going to be really mad because I want them to consume tokens because that's intelligence and sounds so good and it's so ignoring." And as you say, we say we try to apply it to your business. It's not so trivial if you have NVIDIA engineers running around. So what are you seeing for Proofpoint and what are you seeing in your customer base?
Sumit Dhawan
>> I'd say firstly, our product, when our product is using models and it's burning through tokens, obviously there, I want the latest and the best efficacy and there is a commitment we have made to the clients on protecting them. And if that means for a period of time we have to spend more tokens, we'll optimize them later is the approach I've taken. On the usage by us as well as our customers, what I see, Dave, is there is spectrum that has emerged very rapidly and there are ... I think that spectrum will keep moving. There are customers who are saying that I'm keeping a close eye on it, but I don't care how much I'm spending. I'm focused on adoption. Okay?
Dave Vellante
>> Yeah.
Sumit Dhawan
>> And I'd say that's kind of what Jensen was addressing last week when he said something about the GTC. And I'd say Proofpoint is in that bucket where I'm keeping an eye on it, but I want my engineers and my sellers and my support engineers and even back office to go adopt, go use it. It's okay. There's no restrictions. We keep adding to the pool. And I think then at some point in time, we will determine what is the right token per employee. And then there are customers who are starting with a very slow approach where they have enabled just one or two applications with a contained amount of usage to first measure the efficiency and return on investment. I personally think that the former approach is better. I do think right now is not the time to do return on investment measurements. Right now is the time to do adoption, experimentation, and quickly determining the fundamental business model and/or business workflow transformation. Those are the two things that Agentic technologies provide us. And that has to come a little bit bottom up, just doing it top-down may be limiting. So we have taken an approach and we see other clients too, where we're encouraging adoption metrics, we are assessing the business workflow and business model transformation ideation come up bottom up, and then we are going to come up with some kind of a model of tokens per role for a costing purposes at some point in time.
Dave Vellante
>> That you get, you hire somebody, here's your laptop, here's your token budget effect. So the top-down, if I understand it, Sumit, is you, the CEO saying, "Look, it's okay. Experiment." John Furrier loves to invoke Andy Grove, let chaos rain and then reign in the chaos. Now, as long as there's chaos in the sandbox, that's okay because we're talking security here, but the bottom up is, okay, now let's find those high value use cases and then double down on this.
Sumit Dhawan
>> 100%. By the way, this is the interesting part. You mentioned cybersecurity. To me, I feel like even when we are doing it, activity, we implemented it for that reason because we were like, "Okay, we want to democratize this chaos of usage of AI and ideation of AI, but that doesn't mean you don't have the guardrails." You still are providing the guardrails because in the absence of the guardrails, AI just doesn't know what's right or wrong. And you can't let in this democratized world when AI agents are getting developed and built for a multitude of use cases and many of them that may not survive for too long, you still want the guardrails to be consistent. You can't code them per agent. So it comes back to the whole need for AI security to support that innovation.
Dave Vellante
>> So in a way, it's a pretty good time to be a private company with this whole SaaS apocalypse that everybody's talking about. What do you make of it and what do you think are the biggest misconceptions that the market has? Obviously seat based pricing, I've been attacking seat based pricing since seat based pricing was introduced. So it's easy to criticize that, but obviously you can see how that model, that lock-in model comes under fire, but there still seems to be a lot of innovation, obviously of a huge install base of software companies, but it's an interesting time. What do you make of it?
Sumit Dhawan
>> I think this clearly it blew out of proportion because every SaaS software was painted through the same brush. Will there be SaaS software that potentially are more simplistic workflow without any data advantage and may not be serving critical use cases in the enterprise that get challenged through pricing model, frontier models, maybe even vibe coding, possibly, but if you think about cybersecurity and proof point within cybersecurity, that's quite different. Number one, pipe coding or frontier models are not necessarily practical approaches for something as critical as protecting humans and AI. I can't even think about whether there is any feasibility of it, but even if there were, as I mentioned, our models, they will not be practical without constant context engineering and the data. In fact, for a startup who were to build an alternative solution using models, even the public models, they won't have the data. Without that data, the economics and the weight of these models will be so big that you will be unit economics won't work because customers still expect to pay a certain amount and the efficacy suffers. Both of them will suffer. And there's delay. There's real latency that causes in real time systems like email security. So to me, that along with incumbency, that creates network effect. The network effect keeps making the models better and better and better, and the gap between us and the alternatives keeps increasing. So to some extent, there's a reverse effect here. An incumbent cybersecurity solution that's providing real time security using the underlying incumbent data and AI models, won't you benefit from all of this? So why to paint the whole category of software which happens to be delivered through SaaS through the exact same brush is just not right. And I think investors will understand it because customers certainly do. We don't see any patterns of change in customer demand. They're still equally interested in working with us in even richer and richer and more depth. And right now, being private company, it's easier for us to go focus on that.
Dave Vellante
>> Well, I think that is a big misconception that the market has. It just paints everybody a SaaS company and then boom, it gets hit. Security has always been somewhat insulated from downturns, in general, and I think it's probably insulated from this as well. One of the other things we're watching Sumit in our research with our partner ETR, we've done the survey every year ahead of RSA and now RSAC, looking at consolidation of tools. And up until recently, there was no ... Nikesh with this platformization story, up until recently, there was absolutely no evidence other than anecdotal that that was happening. We're starting to see some evidence in this way. I'll explain it this way, but when you go back two years ago, I would say about two thirds of the sample, pretty large sample, many, many hundreds, said they were able to hold steady the number of tools in their AI or their security stack. Now that number's gone from two thirds to probably one ... Sorry, other way around, one-third, now two-thirds are able to hold steady. So that's at least an indication. It doesn't mean they're consolidating. Consolidation is actually probably different than platformization. Two questions. Are you seeing any ... What are you seeing in terms of consolidation? And my second question is my premise is you're insulated from that because you're not taking those big platforms on head on. You've got differentiation and I want you to sort of dig into that and explain the differentiation.
Sumit Dhawan
>> Yeah. I'd say I think underlying ... Listen, us as vendors, we can always have our own perspectives on what customers should do, but I always come back to what are the core factors from a customer's perspective they would do. From a customer's perspective, there are two factors that have happened. Over time, when the whole cloud and mobile era started, and the cyber became a sort of maybe very important aspect of adopting cloud and mobile, because all of a sudden, your perimeter changed in a significant way. And when that happened, your risk surface area grew and the new risks came popping from every place and there was no solution provided to cover all these risks. So then you came a patchwork of products and here we are in most enterprises, anywhere between 60 to 100 plus tools that had to be adopted. So that clearly is not sustainable. There should be fewer technologies and solutions because when you have that many tools, is your cyber posture really, really more secure or you're just because you got to operate all of that and any ... It could be that your entire posture is dependent on your lowest common denominator.
Dave Vellante
>> And the weakest link. Yeah.
Sumit Dhawan
>> The weakest link. Now, second thing is AI. AI comes in and mindshare needs to move towards that. And Mindshare has asked ... And a little bit of wallet issue as well, how are they going to pay for all that? So based on both of those things, I'm seeing customers say, "I have to go to fewer strategic partners." No one is saying, "I don't see, I'm just going to go all in with one." Okay. I want to go to few strategic partners.
Dave Vellante
>> So how does that affect you?
Sumit Dhawan
>> And I think it's affecting us positively a little bit because eventually it's emerging to five vertical stacks that customers are setting up. And let's call them five solution areas or five platforms that work with each other. Okay, no particular order. And I'm going to mention Proofpoint last. Endpoint and XDR, that's coming together, endpoint cloud security, all that stuff. Second would be, I would say SOC automation. How would you do it in an agentic fashion? And do you need SIEM and SIEM, SOC, automation all comes second. Identity, network and SASE. And then the fifth is human behavior and AI behavior, right? Because you need AI network, AI endpoint, AI automation, AI identity, and AI behavior. Same thing with human and AI behavior. And that's what we provide. And if you go to most enterprises, they will give you their strategic partner names that will be in those five. But just because cyber teams haven't really thought about what are my consolidated platforms, oftentimes what I find myself is when I have these conversations with CISOs, they say, "I like that." Or even CIOs, "I like it." I'm already sort of doing it, so why not formalize it? And then it's just about integration, it's about economics. So how it helps us is there are a lot of satellite technologies around email security that customers have purchased. So now we have sedimented them into our platform, our pricing model. So from a cost perspective, better security, integrated experience perspective, we call it prime, and now it extends to our data security platform. You can just use it as an integrated platform for human behavior, both for inbound and outbound protection. And that helps us a little bit. Obviously we have to showcase that to the customers and take them on the path and make them successful with that journey, but we can provide real value on economics, integration, and higher security.
Dave Vellante
>> And I know you got to run, but where would you put posture management within those five?
Sumit Dhawan
>> I think broad posture management on cloud posture, I would say at the end point, but I would say data posture is related to full data security solution. Okay? So that's how I would do it because posture is a holistic and there's an identity posture, there's an endpoint posture. It's part of every, it's part of everything.
Dave Vellante
>> Sumit, thank you so much for coming.
Sumit Dhawan
>> Always great.
Dave Vellante
>> Really great to see you. Come and see us in New York. I would love to have you back there.
Sumit Dhawan
>> Will do. Will do. Thanks for having me.
Dave Vellante
>> You're very welcome. And thank you for watching. This is theCUBE's coverage of RSAC 2026. We're here at Moscone West. Keep it right there. We'll be right back right after this short break.
Dave Vellante