Proofpoint has rolled out an agentic AI tool that protects against risks in collaboration platforms like Zoom and Microsoft Teams. The offering directly addresses one of the top concerns for CISOs: securing real-time communications. It also builds on Proofpoint’s acquisition of Nuclei in May 2025, whose AI-driven communication enhancement technologies are now built into the platform.
Proofpoint has now introduced Human Communications Intelligence (HCI), powered by the technology inherited from the Nuclei deal, to its Digital Communications Governance (DCG) portfolio. The HCI tool uses AI agents to interpret human intent in real-time conversations across more than 80 communications channels simultaneously, capturing the communications and putting what is said into context.
The capability goes beyond what is available in similar communications products available today, which Proofpoint executives said rely on AI to look at keywords or patterns in a much more reactive manner.
Harry Labana, senior vice president and general manager of Proofpoint’s DCG business,
said in a statement that AI tools need intelligence gained through real-time interpretation and message reasoning to protect against threats that arise from communications systems.
The Risks with Communications
This comes at a time when organizations are concerned about communications being the source of risks. In its
2025 Voice of the CISO report, Proofpoint found that 34% of CISOs were most concerned about using collaboration tools like
Slack.
That was the number-one concern, above other systems like generative AI chatbots, such as ChatGPT, Copilot, and Gemini, at 33%, perimeter network devices and cloud storage (both at 32%), and Microsoft 365 (30%).
“As the survey ... pointed out, collaboration tools and the behaviors that surround them aren’t very secure,”
Rob Enderle, principal analyst with
The Enderle Group, told MSSP Alert. “They do capture bad behavior; they just don’t alert on it, meaning they are gold mines for anyone wanting to take the company to task for that bad behavior. Using agentic AI to identify and alert on this behavior at least provides the company with a tool to eliminate it before the problem results in expensive litigation losses.”
A 'Noteworthy' Move
Krista Case, research director with
The Futurum Group, called
Proofpoint’s bringing AI agents to security for collaboration tools “noteworthy.”
“Platforms like Slack, Teams, and Zoom are targeted because they not only facilitate sharing of sensitive data, but they are also crucial to core daily business operations,” Case told MSSP Alert. “They are, unfortunately, also difficult to secure because their associated threats don’t follow clear signatures. They typically involve human interaction, context, and intent. Agentic AI has potential here because it can provide real-time context. For example, AI may be used to help discern whether a file share is benign or suspicious given the conversation around it.”
Managing AI Risks
Both Enderle and Case said that the dual nature of agentic AI in cybersecurity can be used both as a tool for enhancing security capabilities and a threat, depending on how well it’s managed by an organization and the fact that bad actors are using it as well.
“I don’t believe you can defend against an AI threat with people, and AI operates at scale far more effectively than humans do because it is less likely to be overwhelmed due to understaffing,” Enderle said. “However, AI can also become a problem, so assuring the quality of the AI becomes even more important than just deploying it. It is potentially a good thing with an adequate focus on quality, but it can become a very bad thing if that quality focus is inadequate.”
MSSPs Need to Be AI Experts
Regardless, both corporate security teams and MSSPs are going to have to learn to manage AI and use in their security strategies.
“Proofpoint’s announcement underscores that MSSPs will need to evaluate how they can incorporate agentic AI into their workflows, not just for threat detection, but also for scaling their own analyst teams in the face of talent shortages,” Case said. “The MSSPs that move quickly here could differentiate themselves meaningfully.”
Enderle echoed the sentiment, adding that if they want to remain relevant, MSSPs need to become experts in AI.
“MSSPs, along with everyone else, are struggling with AI tech and it should be a higher priority for most of them than it currently is,” he said.
Proofpoint, based in Sunnyvale, California, already offers a number of AI-powered features in its DCG portfolio, including Proofpoint Capture, another Nuclei-based technology that pulls in communication channels like AI chatbots, mobile messaging, collaboration apps, social media, email, and voice and applies real-time reasoning to the conversations.
HCI is extending these same protections to human communications and will connect with Proofpoint Insider Threat Management early next year. That integration will let organizations link risks spotted in messages with user activity on endpoints. Within DCG, Proofpoint also offers Supervision, designed to help organizations meet strict compliance requirements for regulated communications.
