Shadow
Identity Threat Detection and Response
Proofpoint Shadow uses modern deception technology to stop attackers before they know it.
Are you using traditional signatures or behavioral analysis as methods for detection? If so, it’s easy for your security team to get overwhelmed with false positives or alert fatigue. To consistently detect modern attacks, you need deceptive technology techniques that give you high-fidelity detection of privilege escalations and lateral movement. Proofpoint Shadow is unlike traditional approaches. It uses agentless methods to actively engage attackers in your production environment for the sole purpose of detecting their existence.
Features and Benefits
Stop attackers from moving laterally by transforming every endpoint into a web of deception
Agentless detection and protection
With Shadow, you get a unique agentless approach that benefits both your IT administrators and security teams. Built on intelligent automation, it is designed to have a light operational footprint to minimize the impact on IT. And it can’t be disabled or circumvented by attackers like agent-based solutions.
Getting started with Proofpoint Shadow
Over 75 deception techniques
Shadow provides you with active deception techniques to imitate credentials, connections, data, systems and other artifacts that appear useful to the attacker. This helps you ensure early detection of both insiders and external attackers—no matter where compromise begins.
Automated deception
With the Shadow intelligent automation system, you get a highly authentic deception environment that scales and adapts over time. And it’s one that requires very little human effort. Shadow analyzes the endpoint landscape and designs tailored deceptions for each machine. It then deploys them through a one-click process. And it manages the ongoing process of adjusting and managing deceptions over time.
A view from the attacker’s perspective
With the Shadow management console, you can see how close attackers are to critical assets. And you get a full timeline of attacker activity once deceptions are engaged. You can also see how attackers perceive the deceptive data, and much more intelligence on attacker activity.
Deceptive Microsoft 365 Beacon Files
With Shadow, you can automate the creation and customization of hundreds of thousands of deceptive Microsoft Word and Excel documents. These documents are indistinguishable from the genuine article, right down to the usage of company logos and letterhead. And these seemingly real documents can be loaded with fake data that sets off an alert as soon as an attacker tries to use the information to gain access.