Identity Threat Detection and Response

Proofpoint Shadow uses modern deception technology to stop attackers before they know it.

Are you using traditional signatures or behavioral analysis as methods for detection? If so, it’s easy for your security team to get overwhelmed with false positives or alert fatigue. To consistently detect modern attacks, you need deceptive technology techniques that give you high-fidelity detection of privilege escalations and lateral movement. Proofpoint Shadow is unlike traditional approaches. It uses agentless methods to actively engage attackers in your production environment for the sole purpose of detecting their existence.

Features and Benefits

Stop attackers from moving laterally by transforming every endpoint into a web of deception

Agentless detection and protection

With Shadow, you get a unique agentless approach that benefits both your IT administrators and security teams. Built on intelligent automation, it is designed to have a light operational footprint to minimize the impact on IT. And it can’t be disabled or circumvented by attackers like agent-based solutions.

Getting started with Proofpoint Shadow

Over 75 deception techniques

Shadow provides you with active deception techniques to imitate credentials, connections, data, systems and other artifacts that appear useful to the attacker. This helps you ensure early detection of both insiders and external attackers—no matter where compromise begins.

Automated deception

With the Shadow intelligent automation system, you get a highly authentic deception environment that scales and adapts over time. And it’s one that requires very little human effort. Shadow analyzes the endpoint landscape and designs tailored deceptions for each machine. It then deploys them through a one-click process. And it manages the ongoing process of adjusting and managing deceptions over time.

A view from the attacker’s perspective

With the Shadow management console, you can see how close attackers are to critical assets. And you get a full timeline of attacker activity once deceptions are engaged. You can also see how attackers perceive the deceptive data, and much more intelligence on attacker activity.

Deceptive Microsoft 365 Beacon Files

With Shadow, you can automate the creation and customization of hundreds of thousands of deceptive Microsoft Word and Excel documents. These documents are indistinguishable from the genuine article, right down to the usage of company logos and letterhead. And these seemingly real documents can be loaded with fake data that sets off an alert as soon as an attacker tries to use the information to gain access.