Targeted Attack Protection
Targeted email attacks containing malicious links and/or malicious email attachments represent one of the most dangerous IT threats facing enterprises today. According to the 2013 Verizon Data Breach Report, 95% of targeted attacks began with a spear-phishing attack, a single, carefully crafted email that tricked a recipient to click a link to install malware or surrender their login credentials. Often, these targeted attacks are impossible to detect using conventional reputation, signature-based content scanning and sender verification techniques.
What is worse is that no matter the training provided, users are still falling for these targeted email attacks as they get more sophisticated. Proofpoint research has found that on average, 1 in 10 users that receive email messages with malicious URLs will click on these URLs. Frequently, Proofpoint has observed that malware used in these attacks remain undetected by less than 10% of traditional AV and reputation solutions, even hours after the attack.
Proofpoint Targeted Attack Protection™ takes an entirely new approach, using Big Data analysis techniques and a Cloud Architecture to identify suspicious email messages containing malicious URLs or malicious email attachments. This helps enterprises to add additional layers of security scrutiny that cannot be matched by traditional security solutions and gateways. Targeted Attack Protection represents the industry's first comprehensive email analysis solution for combating targeted threats using a full lifecycle approach, monitoring suspicious messages and email attachments as they come in, and observing user clicks as they attempt to reach out. The key aspects of this email threat analysis solution include:
Dynamic Malware Analysis Service that enables detection of sophisticated targeted attacks, including those using polymorphic and zero-day malware, malicious attachments, and other advanced exploits. Learn More >
Benefit: Cloud scale and elasticity for malware analysis and sandboxing with global and immediate benefit to all organizations for emerging campaigns, with proprietary technology to defeat malware through counter-evasion techniques.
Big Data driven prediction and real-time scoring engine utilizing a cloud-based statistical model to predict URL destinations likely to be malicious as part of an emerging attack. Learn More >
Benefit: Proactively identify threats and minimize clean-up for incident response teams by catching malicious URLs before users click and get infected.
Unique URL re-writing of links within all suspicious emails to enable click-time protection via the URL Defense Service that is agnostic to browser, user device, and user location. Learn More >
Benefit: Enables security controls to persist, even if users are off the corporate network and bypassing on-premise security controls.
The Threat Insight Service provides a graphical dashboard and analysis report view for administrators and security professionals to obtain details of targeted attacks, identification of specific users that were attacked, and real-time notifications for potential incidents that require investigation. Learn More >
Benefit: Know who clicked, when, and the threat forensics to enable rapid incident response and remediation.