Targeted Attack Protection

Advanced Threat Protection

Overview


More than 90% of targeted attacks start with email—and these threats are always evolving. Proofpoint Targeted Attack Protection (TAP) helps you stay ahead of attackers with an innovative approach that detects, analyzes and blocks advanced threats before they reach your inbox. This includes ransomware and other advanced email threats delivered through malicious attachments and URLs. And zero-day threats, polymorphic malware, weaponized documents and phishing attacks. TAP provides adaptive controls to isolate the riskiest URL clicks. TAP also detects threats and risks in cloud apps, connecting email attacks related to credential theft or other attacks.

Demo

Proofpoint Targeted Attack Protection

Protect your people against ransomware and advanced threats in email.

Watch the Demo

Next-Generation Detection

Targeted Attack Protection (TAP) is built on our next-generation email security and cloud platforms. This gives you a unique architectural advantage. You get clear visibility into all email communications and files in your SaaS file stores for a far-reaching view of the threat landscape. See everything—from banking Trojans and ransomware to attacks targeted at your organization and resulting credential theft. Deep user-level and message-level context across email and SaaS makes TAP especially effective at identifying hard-to-catch network threats that other solutions miss. TAP equips you to:

  • Block and quarantine messages with malicious attachments or URLs. With emails kept out of inboxes, users never click and become compromised.
  • Submit attachments and URLs to our cloud-based scanning service to detect and inspect malicious content.
  • Isolate URL clicks based on the riskiness of the URL or the user themselves.
  • Transparently rewrite all embedded URLs to protect users on any device or network.
  • Track and block clicks to malicious web pages without affecting the user experience or other URL-filtering technologies you're using.
  • Detect ransomware and malicious files in SaaS file stores and surface account compromise from brute-force attacks and more.

Features and Benefits

Protect your people against ransomware and advanced threats in email

Sophisticated Threat Analysis

Targeted Attack Protection (TAP) protects against ransomware threats quickly and accurately. It applies multi-stage analysis to inspect the full attack chain. And it uses a combination of static, dynamic and protocol analysis techniques to catch even the most advanced ransomware threats. Our technology doesn't just detect threats—it also applies machine learning to observe the patterns, behaviors, and techniques used in each attack. Armed with that insight, Proofpoint's TAP learns and adapts to make the next attack easier to catch. TAP technology stands out because:

  • The cloud-based sandbox constantly adapts to detect new attack tools, tactics and targets. Our technology handles evasive attacker techniques: virtual-machine detection, time-delay malware activation, geographically bound threats and more.
  • Threats like credential phishing attacks leave no obvious digital traces. Our template, reputation-based, and machine learning detection helps you efficiently catch these attacks.
  • Unique predictive analysis preemptively identifies and sandboxes suspicious URLs based on email traffic patterns. This drastically minimizes the risk of a patient-zero case from a previously unknown malicious URL.
  • User activity analysis beyond login information is used to surface account compromise.

    Targeted Attack Protection (TAP) Attack Index

    Your security teams need to know who your most attacked people are in order to protect them against the threats that target them.

    The Proofpoint Attack Index helps identify these targeted people. It also surfaces targeted or interesting ransomware threats from the noise of threat activity that you see every day. This index is a weighted composite score of all threats sent to an individual in your organization. It scores threats on a scale of 0-1000 based on four factors:

    • Threat actor sophistication
    • Spread and focus of attack targeting
    • Type of attack
    • Overall attack volume

    With the Attack Index, you can understand the risks your users face. You can then prioritize the most effective way to resolve threats. You also receive reporting and metrics to assess both individual and overall user risk.


    Read our Customer Success Stories

    Adaptive Security Controls

    The security capabilities of TAP are now extended further by being integrated with Proofpoint Browser Isolation. It does this by enabling risk-based isolation for URL clicks within corporate emails. With our unique approach to protecting people, we can highlight your most attacked people and determine the riskiest URLs that get into your users’ inboxes. By doing this, we can isolate risky URL clicks to help prevent threats and credential phish from impacting your organization. This integration:

    • Integration between TAP and Browser and Email isolation provides adaptive controls to isolate URL clicks based on risk.
    • Provides secure use of cloud collaboration tools, such as SharePoint and Dropbox.
    • Provides phish detection within seconds to limit user input on a page deemed suspicious.
    • Allows your users to exit the isolated session of the URL they clicked within corporate email once it’s deemed safe by deep threat scans.

    Superior Intel and Visibility

    Only Proofpoint provides threat intelligence that spans email, cloud, network, mobile apps and social media. Our threat graph of community-based intelligence contains more than 600 billion data points that correlate attack campaigns across diverse industries and geographies. You can easily leverage this insight through the TAP Threat Dashboard. The TAP Threat Dashboard:

    • Can be accessed through a web browser. Get visibility into the threats entering your organization. See who is attacking, how they're attacking and what they're after.
    • Provides ransomware protection data at organization, threat and user level. This helps you prioritize alerts and act on them.
    • Highlights broad attack campaigns and targeted ransomware threats. You can see attacks directed at your executive leadership and other high-value employees.
    • Surfaces account compromises connected to email attacks.
    • Highlights brute-force attacks and suspicious user behavior.
    • Provides detailed forensic information on threats and campaigns in real time. You get downloadable reports and can integrate with other tools through application programming interfaces (APIs).

    Protection Beyond the Network

    To protect your people, your defenses must work where they do—at the pace they do. With TAP, you can:

    • Protect users on any network, on any device and in any location where they check their email. TAP works on internal or external networks (both public and private) on mobile devices, desktop PCs and the web.
    • Deploy quickly and derive value immediately. You can protect hundreds of thousands of users in days—not weeks or months. TAP can be easily configured as an add-on module to the Proofpoint Protection Server, which can be deployed as a virtual appliance, hardware appliance or cloud service.
    • Surface file-based threats in your SaaS file stores and detect account compromise.
    • Stay ahead of attackers with frequent, daily updates to our cloud analysis services.
    • Enhance the security of any email platform—even for Microsoft Office 365 or hybrid Exchange environments.

    Learn More About our Office 365 Solutions

    Ready to give Proofpoint a try?

    Start with a free Proofpoint trial