Automated security incident response and containment capabilities enable enterprises to respond to advanced threats in minutes instead of hours or days

SUNNYVALE, Calif. – May 20, 2014 – Proofpoint, Inc., (NASDAQ: PFPT), a leading security-as-a-service provider, today announced that it has acquired Silicon Valley-based NetCitadel, a pioneer in the field of automated security incident response, for approximately $24.0 million in cash. The acquisition extends the reach and capabilities of Proofpoint’s existing advanced threat solutions, adding additional threat verification and containment capabilities via an open platform that unifies products from Proofpoint and other vendors. The unification of disparate threat intelligence data combined with automated incident response enables security professionals to respond to threats faster, in a more scalable way, and with higher confidence and accuracy. This allows an enterprise to prioritize their efforts more effectively to prevent data breaches and data loss across their entire organization.  

“Loss of customer records and other sensitive information can begin within minutes of a system compromise, yet it typically takes organizations hours or days to respond to and contain an attack,” said Gary Steele, chief executive officer of Proofpoint. “By leveraging NetCitadel’s cutting edge technology, organizations can close this critical gap and dramatically reduce the risk of significant data loss. This technology is a natural complement to our cloud-based offerings and allows us to deliver a comprehensive advanced threat solution to all organizations, regardless of their existing IT security infrastructure.”

The NetCitadel automated incident response platform confirms and prioritizes potential security incidents by unifying, correlating and synthesizing security alerts from Proofpoint and other leading security vendors such as HP ArcSight, Palo Alto Networks and FireEye. Based on this confirmation and prioritization, impacted systems can be automatically quarantined and further communications to malicious sites can be blocked – all within seconds or minutes of an initial alert. 

“Now, not only do Proofpoint solutions help block known threats and detect previously unknown threats, Proofpoint solutions can also confirm and contain successful attacks in a fraction of the time and at a fraction of the cost of traditional incident response approaches.” Steele continued.

“NetCitadel’s incident response platform has been fulfilling a critical need for our customer base by slashing incident response times and cost,” said Mike Horn, NetCitadel co-founder and former chief executive officer. Horn is now vice president of threat and response products at Proofpoint. “We’re excited to join forces with Proofpoint and bring this technology to the broader market.”

As part of the acquisition, NetCitadel’s team of security experts and software engineers has integrated with Proofpoint’s team in its Sunnyvale headquarters. NetCitadel’s ThreatOptics product is being re-launched as Proofpoint Threat Response, a standalone product and is being integrated with Proofpoint’s Targeted Attack Protection™.

Proofpoint currently expects the transaction to have no material impact on revenue, billings, and non-GAAP profitability for the second quarter and full year 2014.

For more details about Proofpoint please visit www.proofpoint.com.

About Proofpoint, Inc.
Proofpoint Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. More information is available at www.proofpoint.com.

###

Proofpoint, Proofpoint Threat Response, and Proofpoint Targeted Attack Protection are trademarks or registered trademarks of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.

Forward-looking Statements 
This press release contains forward-looking statements including, among other things, statements regarding the addition of technology and a team to Proofpoint’s capabilities, the re-launch of new Proofpoint products, the integrated development with Proofpoint’s Targeted Attack Protection product, the expected benefits to Proofpoint and its customers from the acquisition, the enablement of this new technology to further leverage its core technologies and research across a wider range of customers, and the expected financial performance of Proofpoint (including earnings projections). These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: the potential impact on the business relationships and ecosystem of NetCitadel due to the acquisition; general economic conditions; and the ability of Proofpoint to successfully integrate NetCitadel's market opportunities, technology, personnel and operations and to achieve expected benefits. These forward-looking statements are based on current expectations and are subject to uncertainties and changes in condition, significance, value and effect as well as other risks detailed in documents filed with the Securities and Exchange Commission, including Proofpoint's Annual Report on Form 10-K for the fiscal year ended December 31, 2013, Proofpoint’s most current quarterly report on Form 10-Q, and current reports on Form 8-K that Proofpoint may file from time to time, which could cause actual results to vary from expectations. Proofpoint assumes no obligation to, and do not currently intend to, update any such forward-looking statements after the date of this release.