Capability Domains met by Proofpoint

Browser Isolation & Malicious Code Identification

Browser Isolation can identify malicious code located in email or web applications. Browser Isolation enables risk-based isolation for URL clicks within corporate emails. It can run in anonymous mode to meet privacy requirements or monitor personnel activity.

Cloud-Based Activity Monitoring

CASB provides the capability to monitor activity on the customer cloud SaaS environment for cybersecurity events such as suspicious logins, malware and anomalous activity. It can also detect cybersecurity events such as staging internal attacks with compromised accounts. CASB is integrated with TAP sandboxing technology for malware detection.

Email Protection & Malicious Code Detection

Email Protection detects malicious code in email with antivirus software using file signature analysis and file sandboxing. Email Protection and TAP monitor the network for unusual email activity and log and archive administrative activity. Email Protection can block emails to and from invalid or unknown recipients.

Endpoint Activity Monitoring

ITM monitors all user activity on endpoints and detects risky activity based on insider threat alerts. Endpoints include desktops, servers and within applications. ITM can send insider threat alerts focused on unauthorized software usage and privilege escalation and abuse. This provides visibility on unauthorized and authorized personnel and access/software.

Security Awareness Training

Security Awareness Training phishing simulation data can be used to detect potential real-world events.