Expansion of Proofpoint’s platforms ushers in new defenses – spanning from initial to post compromise – to effectively combat increasingly common threats

Aegis Threat Protection, Identity Threat Defence, and Sigma Information Protection platform updates from Proofpoint, Inc., a leading cybersecurity and compliance company, today give organisations the ability to stop malicious email attacks, identify and stop identity-based threats, and protect sensitive data from loss, theft, and insider threats. The new developments further improve Proofpoint’s top threat and information protection platforms, as well as its recently established Identity Threat Defence business (previously known as Illusive), in order to support organisations in enhancing and protecting their investments in productivity, such as Microsoft 365, with the greatest possible deployment flexibility.

Ryan Kalember, executive vice president of cyber security strategy at Proofpoint, stated that the company “continues to deliver on innovations that empower organisations to break the attack chain.” “By offering our customers a unified path to solve for risk across email, cloud, identity, and data, CISOs gain unparalleled visibility into and protection against the tactics that attackers rely on most.”

Platform for Aegis Threat Protection by Proofpoint The only AI/ML-powered threat protection platform, Aegis Threat Protection Platform, neutralises today’s sophisticated attacks, including Business Email Compromise (BEC), phishing, ransomware, supply chain threats, and others. Aegis offers advanced AI-powered, cloud-based protection that supplements built-in Microsoft 365 defences with flexible deployment options using both APIs and inline architecture.

Proofpoint is introducing new capabilities that give visibility into account takeover-based attacks – from both within an organization’s environment and outside suppliers – by fusing the company’s proprietary behavioural analytics and threat intelligence. According to recent Proofpoint threat intelligence, for instance, EvilProxy has emerged as the most well-known MFA phishing-as-a-service provider, allowing threat actors to take control of employee or accounts belonging to dependable vendors.

• *NEW* Supplier Threat Protection: Trusted supplier relationships are a growing attack vector: 69% of organizations experienced a supply chain attack within the past year, and CISOs rate it as one of their top concerns. With Proofpoint Supplier Threat Protection, available today, organizations can detect compromised supplier accounts so that security teams can swiftly investigate and remediate. This new product proactively monitors for and prioritizes known compromised third-party accounts, simplifies investigation with details on why the account is suspected compromised and which employees recently communicated with the account in question, enabling security teams to seamlessly defend against prevalent third-party attacks such as BEC and phishing.
• *NEW* Targeted Attack Prevention Account Takeover (TAP ATO): Threat actors successfully override multi-factor authentication in 30% of all targeted cloud and email account takeover attacks according to Proofpoint threat research. Once inside, malicious actors can hide undetected in an organization’s environment, waging sophisticated attacks at will. Proofpoint TAP ATO, available at the end of Q2 2023, provides visibility across the entire email account takeover attack chain. It accelerates response investigation and remediates accounts, malicious mailbox rule changes, and manipulations of third-party apps and data exfiltration across email and cloud environments.

90% of attacks—from ransomware to APTs—rely on compromised identities, according to Identity Threat Defence, formerly known as Illusive. One in every six endpoints in every organisation now has exploitable privileged identity risks as a result of Active Directory (AD) management complexity. These identity risks include exposed cached credentials on endpoints, poorly configured users with unnecessary privileges, unmanaged local admins with stale passwords, and much more. By exploiting these privileged identity risks, an attacker can easily compromise an endpoint, install malicious software, and steal data. The keys to the kingdom are represented by privileged identities, which attackers use to take the crown jewels. Unfortunately, until they are attacked, the majority of organisations are unaware of this risk.

Proofpoint has strengthened its Identity Threat Defence platform, which has been successful in more than 150 red team exercises, by utilising new, advanced identity risk analytics and automated detection to offer businesses complete identity risk protection and remediation:

• *NEW* Spotlight Risk Analytics: The new advanced risk analytics in the Spotlight dashboard allow users to gain an executive view of an organization’s risk trends as well as exposure across various risk categories and risk exposure levels. It also provides recommendations for possible user admin action. Spotlight Risk Analytics simplifies decision makers’ workload while ensuring organizational leaders can make informed decisions to remediate modern and sophisticated identity risks. With availability expected late Q2 2023, decision makers will also be able to follow risk trends to track their organization’s risk posture improvements over time.
• *NEW* Proofpoint Spotlight Cross Domain & Trust Visibility: For organizations with complex infrastructure, including multinational, multi-business and merging organizations, identity infrastructure is often stitched together without broader visibility. Spotlight Cross Domain & Trust Visibility, available today, provides insight to understand where AD domains across companies have too much bi-directional trust, which can result in identity risk and lateral movement by attackers. Business leaders can gain a centralized view into the broadest organizational structure’s domains and trusts to better prevent identity risk exposure in a holistic fashion.

For a free, two-minute identity threat assessment of their environment, businesses can reach out to Proofpoint to find out their immediate identity risk profile.

Information Protection Platform by Sigma
According to Gartner (Gartner, Inc. Market Share: All Software Markets, Worldwide, 2022), Proofpoint is the largest provider of Insider Threat Management (ITM) in the world. Since its launch in early 2020, Proofpoint’s information protection business has expanded by an astounding 107%, placing the company as the second-largest DLP vendor globally and by revenue. The Proofpoint Sigma Information Protection platform is now used by over 5,000 customers and 46 million users worldwide, analysing 45 billion events each month, and being trusted by nearly half of the Fortune 100, driven by the accelerated adoption of work-from-anywhere practises.

The only information protection platform that combines content inspection, threat telemetry, and user behaviour across channels in a unified, cloud-native interface is Proofpoint’s Information Protection platform.

*NEW* Privacy by Design Data Loss Prevention: As international organizations work to meet new and changing local privacy and data sovereignty requirements, Proofpoint now hosts its Sigma Information Protection platform in regions such as the European Union, Japan, and Australia in addition to the United States. Proofpoint is also further investing in privacy-related capabilities so that organizations can mask sensitive data in the console to limit its exposure and create custom data access policies to address privacy and compliance needs. Additional features are available in beta today, with general availability expected in Q3 2023, enabling organizations to anonymize identifying user information so analysts can investigate without bias and with better privacy for the user. Administrators will also be able to set up metadata for anonymization and approval workflows for de-anonymizing the metadata during investigation.     

For more on Proofpoint’s solutions, please visit:
Aegis Threat Protection platform – https://www.proofpoint.com/us/products/aegis 
Identity Threat Defense platform – https://www.proofpoint.com/us/products/identity-threat-detection-response
Sigma Information Protection platform – https://www.proofpoint.com/us/products/sigma 

To schedule a two-minute complimentary Identity Threat Assessment: https://www.proofpoint.com/us/free-demo-request

Join Proofpoint at RSAC 2023
For those attending RSAC this year, stop by booth #6253 for live demos and conversations with our experts.

Proofpoint will also be hosting a presentation focusing on how identity, data, email and endpoint are the main vectors of attack.

PRESENTATION: Identity, Data, Email, Endpoint – The 4 Horsemen of the Security Apocalypse

• Date: Tuesday, April 25, 11-11:30 a.m. PT
• Location: Moscone North Expo Hall, Booth #6545
• Join Brian Reed, Senior Director of Cybersecurity Strategy at Proofpoint, to learn how the pace of innovation and digital transformation results in the need for organizations to understand and secure their four most important vectors – identity, data, email, endpoint. Identity and data security intersections are self-evident; however, we must secure both the primary ways users collaborate (email) and the primary location where content is created and changed (at the endpoint).