Proofpoint Announces Breakthrough, Cloud-based Defense against Spear Phishing and Other Targeted Attacks

Proofpoint Targeted Attack Protection™ Stops Targeted Attacks that Evade Conventional Security Systems; Delivers Persistent Defense against Malicious URLs

EDITOR'S NOTE: Proofpoint Targeted Attack Protection™ is a finalist for the Microsoft Best of TechEd Award in the security category

SUNNYVALE, Calif., – June 7, 2012 – Proofpoint, Inc. (NASDAQ: PFPT), the leading security-as-a-service provider, today released a new cloud-based security solution uniquely architected to provide reliable protection against spear phishing and other malicious, targeted attacks that have eluded the security industry for more than a decade. Proofpoint Targeted Attack Protection™ deploys an array of advanced technologies including big data analysis techniques, URL interception, and malware sandboxing to provide unprecedented protection that follows messages and users wherever they go  whether they're behind the corporate firewall or off the corporate network, on mobile devices, or public terminals.

"Today's targeted attacks are one of those issues that keep every security professional up at night because they're both harder to detect and harder to recover from than conventional threats," said Patty Krivitzky, senior systems support specialist for Alticor, the parent company for Amway. "If even one user clicks just once on one phish, it could turn into a disaster  where that one data breach could end up triggering millions of dollars in damages and cost, not to mention the damage to brand reputation. Proofpoint has been our trusted security partner for years and Targeted Attack Protection is yet another example of how Proofpoint delivers innovative solutions to our most pressing security concerns."

"Targeted attacks represent one of the most dangerous IT threats facing enterprises today. These sophisticated blended attacks can bypass even the most advanced Web, e-mail and end-point security systems by exploiting gaps between these point products," said David Knight, executive vice president of product management for Proofpoint. "Proofpoint Targeted Attack Protection is designed to close these gaps and stop targeted attacks by combining previously disparate e-mail security, Web security and malware analysis technologies into a comprehensive, cloud-based service."

Proofpoint Targeted Attack Protection Functionality 
Proofpoint Targeted Attack Protection combines big-data driven e-mail security, Web security and malware analysis technologies into a single comprehensive defense, which includes:

Identification of Suspected Attacks
Proofpoint Targeted Attack Protection takes an entirely new approach to identifying suspected attacks, employing big data analysis techniques to spot and apply additional security controls to suspicious messages. Proofpoint Anomalytics examines hundreds of variables in real time—including message properties and the email traffic history of the message recipient—to understand per-user what constitutes "normal" mail traffic, and to identify exceptions that would indicate that an incoming message may be (or later become) a threat.

"Attackers are increasingly focused on delivering malicious content inside of email and Web transactions in order to breach your security and pass through your existing security controls. In the past, signature-based technologies such as antivirus were adequate to protect against a majority of threat," said Gartner analysts Lawrence Pingree and Neil MacDonald, writing in Best Practices for Mitigating Advanced Persistent Threats¹. "However, the emergence of newer attack and payload delivery techniques that bypass these traditional signature-based approaches must be addressed by new emerging security technologies as well as augmentation of our old paradigm of thinking about traditional security technologies."

Persistent Defense Against Malicious URLs
Attachments to and URLs in these anomalytics-identified messages are then subjected to additional processing. Proofpoint Targeted Attack Protection re-writes any links (URLs) in the messages so that browsers are transparently redirected through the Proofpoint cloud for content inspection and malware analysis every time the link is subsequently clicked – a tactic dubbed "URL click-time defense." If URLs that were initially harmless turn malicious after a period of time—a common phishing tactic—users are still protected, whether they access the message from the corporate network, home network, mobile device, or public network.

Attack Visibility, Remediation and Response
Proofpoint Targeted Attack Protection provides unprecedented visibility into persistent threats through its unique Threat Insight Service. The Threat Insight Service includes a Web-based threat dashboard and configurable alerts that give administrators and security professionals the ability to identify targeted attacks, the scope of these attacks (just their organization or wider industry), which individuals are being targeted by the attacks, the nature of the attacks (malware, credential phishing etc.), and what remediation actions if any are necessary.  

Pricing and Availability
Proofpoint Targeted Attack Protection is a cloud-based solution that can be rapidly deployed without up-front capital expenditures and is designed to complement existing e-mail and web-security products. General availability is slated for the third quarter of 2012 with licensing on a per-user, per-year basis.

¹Gartner, Inc., "Best Practices for Mitigating Advanced Persistent Threats," by Lawrence Pingree and Neil MacDonald, 18 January 2012

About Proofpoint, Inc. 
Proofpoint Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. More information is available at


Proofpoint, Proofpoint Anomalytics, Proofpoint Targeted Attack Protection and Proofpoint Enterprise Protection are trademarks or registered trademarks of Proofpoint, Inc. in the U.S. and other countries. All other trademarks contained herein are the property of their respective owners.

Forward-Looking Statements 
This press release contains forward-looking statements including, among other things, statements regarding the plans for the availability and features of Proofpoint Targeted Attack Protection and their expected benefits to customers. These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to (i) adverse changes in general economic or market conditions; (ii) priorities, delays or reductions in information technology spending; (iii) competitive factors, including but not limited to pricing pressures, industry consolidation, entry of new competitors into the security and compliance markets, and new product and marketing initiatives by Proofpoint competitors; (v) the uncertainty of customer acceptance of emerging technology; (vi) rapid technological and market changes in the threat landscape and cloud computing; (vii) changes to product development timelines; (viii) Proofpoint’s ability to protect its proprietary technology; and (ix) Proofpoint's ability to attract and retain highly qualified employees. These forward-looking statements are based on current expectations and are subject to uncertainties and changes in condition, significance, value and effect as well as other risks detailed in documents filed with the Securities and Exchange Commission, including Proofpoint’s most recent reports on Form 424B and Form 10-Q and current reports on Form 8-K that Proofpoint may file from time to time, which could cause actual results to vary from expectations. Proofpoint assumes no obligation to, and do not currently intend to, update any such forward-looking statements after the date of this release.