Employees Discuss Cyber Intelligence Services

Threat Intelligence

Enhance your security tools with more visibility, deeper research, fewer false positives, and meaningful analytics. Get fully verified threat intelligence and context around detected threats.


Proofpoint ET Intelligence delivers the most timely and accurate cyber threat intelligence. Our fully verified intel provides deeper context and integrates seamlessly with your security tools to enhance your decision-making.

Benefits and Features

Rich Threat Intelligence and Context Portal

Knowing what types of cyber threats exist is no longer enough to protect your people, data, and brand. ET Intelligence helps prevent attacks and reduce risk by helping you understand the historical context of where these threats originated, who is behind them, when have they attacked, what methods they used, and what they're after. Get on-demand access to current and historical metadata on IPs, domains, and other related threat intelligence to help research threats and investigate incidents.

In addition to reputation intel, you get condemnation evidence, deep context, history, and detection information. It's all searchable in an easy-to-use portal that includes:

  • Trends and timestamps of when a threat was seen and the associated category
  • Type of threat and exploit kit names when available
  • Related samples used in associated or related attacks.
Threat Intelligence Dashboard

ET Intelligence Dashboards

Actionable IP and Domain Reputation

ET Intelligence provides actionable threat intelligence feeds to identify IPs and domains involved in suspicious and malicious activity. All feeds are based on behaviour observed directly by Proofpoint ET Labs. And they can all be directly fed to SIEMs, firewalls, intrusion detection systems (IDS), intrusion protection systems (IPS), and authentication systems.

ET Intelligence highlights:

  • Separate lists for IP addresses and domains

  • IP and domains that are classified into over 40 different categories

  • IP and domains are assigned a confidence score for each category

  • Scores indicate recent activity levels and are aggressively aged to reflect current conditions

  • Hourly list updates

  • Multiple formats supported, including TXT, CSV, JSON, and compressed


Easy Integration with security tools

ET Intelligence is easily digested by your existing SIEM tools such as Splunk, QRadar, and ArcSight and by threat intelligence platforms (TIPs).

Subscribers get free use of our Splunk technology add-on (Proofpoint Splunk TA). The add-on integrates ET Intelligence reputation into Splunk to quickly surface log entries that appear on reputation lists and is compatible with existing Splunk reporting. ET Intelligence is directly available for use though Anomali (formerly ThreatStream).

ET Intelligence lists can also be downloaded into the Bro IDS format.

Threat Intelligence Tech Brief

ET Pro Ruleset

Receive our timely and accurate rule set for detecting and blocking advanced threats using your existing network security appliances.

Support, Services & Training

We offer world-class support, services and training to maximise your investment.