Beyond the API: Why Technical Partnerships Matter in Cybersecurity - Part 2

In part 1 of this blog, I discussed why we have chosen to build a small number of strategic technical partnerships with best of breed vendors in their respective space.

No one cybersecurity company can meet all of the security needs of an enterprise customer; there are simply too many threat vectors, different types of bad actors, and motivations for malware and other cybersecurity threats for any single company to be able to effectively address. When best of breed industry leaders collaborate in strategic partnerships, security outcomes can be improved and sprawl minimized. 

At the same time, customers benefit from the best of breed technology instead of utilizing technology that doesn’t solve customer problems to consolidate and reduce the vendor they work with. Strategic technical partnerships do allow customers to benefit from the best of both worlds.

So, let’s look at a few of the integrations we offer:

CrowdStrike

As I mentioned in part 1 of this blog, our partnership with CrowdStrike lets us blend the best threat intelligence from both companies. For you, that means faster, more accurate threat detection and protection.

Working together, we give you visibility and context around threats, the threat actors behind them, and what methods, vectors, and tools they use. This holistic insight helps you secure your people, data, and devices against the most advanced malware and hard-to-detect attacks that don’t use malware at all.

Okta

Our partnership with Okta means a faster-automated response when a user has been compromised and a more adaptive Okta authentication policy utilizing our Very Attacked People data directly in Okta’s policy engine.

Let’s say a user clicks on the URL of a credential phishing site. With Proofpoint, you can quickly detect and confirm the threat and, using the Okta Identity Cloud, automatically reset the user’s password and step up authentication requirements.

Thanks to shared threat intel and coordinated response, our partnership reduces the chances of an account compromise. And it’s all automated, so your security teams can focus on higher-value activities and stay ahead of the next attack.

Another great advantage of our integration is the ability to automatically enforce a more stringent authentication policy for users identified by Proofpoint as Very Attacked People. This reduces the risk of an account compromise – but as this list never stays static, we automate the updating of this policy for you, protecting your most attacked people – all the time!

CyberArk and SailPoint

In a similar fashion to our Okta functionality, our integrations with CyberArk and SailPoint focuses on automated remediation. This provides automated privilege and access control in the event of a potential compromise – closing off or limiting privilege access, providing incident response teams some breathing space to investigate further, and confirm the breach.

To complement this, organizations can also synchronize our Very Attacked People information automatically with both CyberArk and SailPoint, allowing both solutions to proactively adjust security levels for access, including in the case of CyberArk, recording privileged sessions for those most at risk of an attack.

Splunk

Security information and event management (SIEM) systems pull together and correlate threat data from various sources. They give you a unified view into your environment to help connect the dots, surface, and prioritize true threats and coordinate a response.

To that end, our SIEMs partnerships provide rich, people-centric intel and forensic data that helps you quickly pinpoint what users are affected and correlate it with other security events. You get a unified, people-centric view of malware, non-malware, and insider threats.

Why it all matters

Technical partnerships that are more than just marketing initiatives. Done right, they supply real value for customers.

We help reduce risk by sharing threat intelligence and our unique people-centric view into which users and groups in your organization represent the highest risk. Our intelligence sharing means faster, better investigations and responses. And streamlined integration means more rapid deployment and lower ongoing management costs.

We recently announced the Spectra Alliance partnership is further validation of this approach. Spectra is a first-of-its-kind partnership between Proofpoint, Okta, CrowdStrike, and Netskope. Together, we’re helping to secure remote workers with a complete security solution. It’s frictionless for users and protects all web, cloud, and on-premises enterprise activity.

Our technical integrations with Okta and CrowdStrike form the backbone of two key aspects of this partnership. Proofpoint provides people-centric zero-trust security, CrowdStrike protects your endpoints, and Okta brings strong identity management that simplifies the user experience.

Together, we’re bringing you security—and experience—you can’t get with an API alone.

Subscribe to the Proofpoint Blog