Proofpoint has announced a host of innovations across its Aegis Threat Protection, Identity Threat Defense and Sigma Information Protection platforms, empowering organizations to stop malicious email attacks, detect and prevent identity-based threats and defend sensitive data from theft, loss and insider threats. The new innovations further enhance Proofpoint’s leading threat and information protection platforms, in addition to its newly formed Identity Threat Defense business (formerly known as Illusive), to help organizations augment and safeguard their productivity investments, such as Microsoft 365, with maximum deployment flexibility.
“Proofpoint continues to deliver on innovations that empower organizations to break the attack chain,” said Ryan Kalember, executive vice president, cyber security strategy, Proofpoint. “By providing our customers a unified path to solve for risk across email, cloud, identity and data, CISOs gain unparalleled visibility into and protection against the tactics that attackers rely on most.”
Aegis Threat Protection Platform
Proofpoint Aegis Threat Protection Platform is the only AI/ML-powered threat protection platform that disarms today’s advanced attacks, including Business Email Compromise (BEC), phishing, ransomware, supply chain threats and more. With flexible deployment options using both APIs and inline architecture, Aegis delivers advanced AI-powered, cloud-based protection that complements native Microsoft 365 defenses.
By combining the company’s proprietary behavioral analytics and threat intelligence, Proofpoint is delivering new capabilities that provide visibility into account takeover-based attacks – from both within an organization’s environment and outside suppliers. EvilProxy, for example, has become the most prominent MFA phishing-as-a-service provider according to recent Proofpoint threat intelligence – an attack that allows threat actors to hijack employee accounts or those of trusted suppliers.
- *NEW* Supplier Threat Protection: Trusted supplier relationships are a growing attack vector: 69% of organizations experienced a supply chain attack within the past year, and CISOs rate it as one of their top concerns. With Proofpoint Supplier Threat Protection, available today, organizations can detect compromised supplier accounts so that security teams can swiftly investigate and remediate. This new product proactively monitors for and prioritizes known compromised third-party accounts, simplifies investigation with details on why the account is suspected compromised and which employees recently communicated with the account in question, enabling security teams to seamlessly defend against prevalent third-party attacks such as BEC and phishing.
- *NEW* Targeted Attack Prevention Account Takeover (TAP ATO): Threat actors successfully override multi-factor authentication in 30% of all targeted cloud and email account takeover attacks according to Proofpoint threat research. Once inside, malicious actors can hide undetected in an organization’s environment, waging sophisticated attacks at will. Proofpoint TAP ATO, available at the end of Q2 2023, provides visibility across the entire email account takeover attack chain. It accelerates response investigation and remediates accounts, malicious mailbox rule changes, and manipulations of third-party apps and data exfiltration across email and cloud environments.
Identity Threat Defense (formerly known as Illusive):
From ransomware to APTs, 90% of attacks rely on compromised identities. The complexity of managing Active Directory (AD) has resulted in the presence of exploitable privileged identity risks in all organizations at a rate of one in six endpoints. These identity risks include unmanaged local admins with stale passwords, misconfigured users with unnecessary privileges, cached credentials left exposed on endpoints, and much more. When an attacker compromises an endpoint with these privileged identity risks, deploying malicious software and stealing data are easy. Privileged identities represent the keys to the kingdom, which attackers exploit to steal the crown jewels. Unfortunately, most organizations are unaware of this risk – until they are attacked.
Leveraging new advanced identity risk analytics and automated detection, Proofpoint has further bolstered its Identity Threat Defense platform – undefeated in more than 150 red team exercises – to provide organizations with comprehensive identity risk protection and remediation:
*NEW* Spotlight Risk Analytics: The new advanced risk analytics in the Spotlight dashboard allow users to gain an executive view of an organization’s risk trends as well as exposure across various risk categories and risk exposure levels. It also provides recommendations for possible user admin action. Spotlight Risk Analytics simplifies decision makers’ workload while ensuring organizational leaders can make informed decisions to remediate modern and sophisticated identity risks. With availability expected late Q2 2023, decision makers will also be able to follow risk trends to track their organization’s risk posture improvements over time.
*NEW* Proofpoint Spotlight Cross Domain & Trust Visibility: For organizations with complex infrastructure, including multinational, multi-business and merging organizations, identity infrastructure is often stitched together without broader visibility. Spotlight Cross Domain & Trust Visibility, available today, provides insight to understand where AD domains across companies have too much bi-directional trust, which can result in identity risk and lateral movement by attackers. Business leaders can gain a centralized view into the broadest organizational structure’s domains and trusts to better prevent identity risk exposure in a holistic fashion.
Organizations can contact Proofpoint for a two-minute complimentary Identity Threat Assessment of their environment to instantly learn about their identity risk profile.
Sigma Information Protection Platform
Proofpoint is the world’s largest Insider Threat Management (ITM) provider, and since its introduction in early 2020, Proofpoint’s information protection business has grown a remarkable 107%, making the company the second largest data loss prevention (DLP) vendor globally and by revenue according to Gartner (Gartner, Inc. Market Share: All Software Markets, Worldwide, 2022). Driven by the accelerated adoption of work-from-anywhere practices, the Proofpoint Sigma Information Protection platform is now deployed to over 5,000 customers and 46 million users worldwide, analyzing 45 billion events each month, and trusted by nearly half of the Fortune 100.
Proofpoint’s Information Protection platform is the only information protection platform that merges content inspection, threat telemetry and user behavior across channels in a unified, cloud-native interface.
- *NEW* Privacy by Design Data Loss Prevention: As international organizations work to meet new and changing local privacy and data sovereignty requirements, Proofpoint now hosts its Sigma Information Protection platform in regions such as the European Union, Japan, and Australia in addition to the United States. Proofpoint is also further investing in privacy-related capabilities so that organizations can mask sensitive data in the console to limit its exposure and create custom data access policies to address privacy and compliance needs. Additional features are available in beta today, with general availability expected in Q3 2023, enabling organizations to anonymize identifying user information so analysts can investigate without bias and with better privacy for the user. Administrators will also be able to set up metadata for anonymization and approval workflows for de-anonymizing the metadata during investigation.
Join Proofpoint at RSAC 2023
For those attending RSAC this year, stop by booth #6253 for live demos and conversations with Proofpoint experts.
Proofpoint will also be hosting a presentation focusing on how identity, data, email and endpoint are the main vectors of attack.