Proofpoint Enhances Threat Response to Help Organizations Rapidly Verify, Prioritize and Stop Threats

Updates include at-a-glance IOC verification, integrated incident response workflow and advanced reporting

SUNNYVALE, Calif., – January 26, 2015 – Proofpoint, Inc., (NASDAQ: PFPT), a leading next-generation security and compliance company, today announced significant enhancements to Proofpoint Threat Response to accelerate the automatic identification and remediation of security threats—dropping security alert response time from hours to seconds. For the first time, organizations worldwide have access to incident management lifecycle technology that can automatically integrate alerts across multiple security solutions such as Proofpoint, FireEye, Palo Alto Networks and Splunk to investigate, verify, prioritize and contain today’s advanced threats.

“We needed a way to rapidly assess incidents, identify threats and confirm possible infections within our network and endpoints as quickly as possible,” said Martin Littmann, chief technology officer and CISO of Kelsey-Seybold Clinic. “Proofpoint Threat Response is a tremendous asset that enables us to achieve significant time savings by automating the contextualization, prioritization and containment of advanced threats. We have seen alert response times drop significantly.”

Proofpoint Threat Response upgrades address several dangerous trends threatening organizations. According to a recent SANS Institute report, more than 90 percent of incidents took over an hour to contain after discovery. With thousands of alerts to decipher, the result is an overloaded incident response team in constant crisis. Many teams are still using a manual incident response process, which is prone to human error and highly variable, making it difficult to justify increased security tools and staff.

Proofpoint Threat Response is the industry’s first platform to automate the incident management lifecycle while delivering consistent information to users and streamlining collaboration and workflow. Three areas of enhancements include:

  • IOC confidence scores: Threat Response’s indicators of compromise (IOC) confidence scores let security teams know instantly whether or not a user is infected based on data collected from endpoints and detection sandbox reports.
  • Enhanced event data and automatic visualization: Threat Response enhanced event data provides users with consistent information and automatically prioritizes security incidents that require action. Users have access to attacker details, including threat type, sandbox analysis results, reputation data and visibility into attacker targets and information by group, department, location and more.
  • Advanced reporting: Threat Response advanced reporting delivers a performance snapshot that details the time it takes IT security teams to review, assign and close cases. This insight allows management teams to streamline workflow and accelerate decision-making.

"Security teams need a fast, integrated way to interpret alerts and quickly stop cyberattacks—Proofpoint Threat Response closes the gap between detection and containment," said Mike Horn, vice president of Threat Response for Proofpoint. "Our integrated system combines rich threat context data with customizable incident management workflows and reporting. The result is active threat containment, faster response times, and better visibility into critical response metrics.”

For more information on Proofpoint Threat Response, please visit Proofpoint also will host a webinar on Thursday, January 29, 2015 titled: “Stop the Bleeding: Advanced Threats and Incident Response in the Modern Enterprise.” Guests include Forrester Research’s Rick Holland and Horn.

About Proofpoint, Inc.

Proofpoint Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. More information is available at


Proofpoint and Proofpoint Threat Response are trademarks or registered trademarks of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.