The Proofpoint and Splunk partnership provides correlation of email, social, and network-based threats with other data sources, allowing for organization-wide as well as granular, use-case-specific visibility. Read press release.
For example, joint customers of Proofpoint and Splunk can leverage the integration and technology add-ons of this partnership to:
- Obtain visibility into insider threats, lateral, spread and data exfiltration
- Be alerted of external social risks to the organization
- Aid in incident investigation, discovery, and hunting
- Create consolidated reports for both security and compliance
Email Protection Splunk TA
The Proofpoint Email Protection TA allows users to search and report on Proofpoint Email Protection logs. By normalizing data produced by Email Protection to Splunk’s Common Information Model (CIM), email data can be correlated with other data sources to detect threats and data exfiltration. Read Email Protection TA Datasheet.
ET Intelligence Splunk TA
The ET Intelligence TA (ET TA) seamlessly integrates the acclaimed Emerging Threats Intelligence feed into Splunk, and provides predefined macros and lookups to enrich and search any log that Splunk can parse with ET Intelligence reputation data. The ET TA empowers the Splunk admin to create custom searches, dashboards, panels, pivots, reports, and alerts enriched with Emerging Threats intelligence data. Read Emerging Threats Intelligence TA Tech Brief. Also see "Splunk Integration with Proofpoint Threat Response and ET Intelligence."
Social Media Protection Splunk TA
The Proofpoint Social Media Protection TA enables the ingestion of social media data into the Splunk dashboard. Proofpoint ingests millions of data points from social media networks and social application activity. Over 125 algorithmic classifiers, including Proofpoint’s patented Deep Social Linguistic Analysis, categorize social media incidents and activity, which can then be correlated with other data in the Splunk dashboard. Read Social Media Protection TA Datasheet.
Email Protection Splunk TA Integration
The Proofpoint Email Protection App for Splunk provides detailed visbility into advanced threats such as Email Fraud and credential phishing attacks using customizable reports and dashboards. The Proofpoint Email Protection Splunk TA allows users to search and report on Proofpoint Email Protection logs. By normalizing data produced by Email Protection to Splunk’s Common Information Model (CIM), email data can be correlated with other data sources to detect threats and data exfiltration. Read Email Protection TA Datasheet.