CLOUD CONNECTOR

Proofpoint Targeted Attack Protection

Proofpoint Targeted Attack Protection (TAP) provides an innovative approach that detects, analyzes, and blocks advanced threats before they reach the email inbox. This includes ransomware and other advanced email threats delivered through malicious attachments and URLs, as well as zero-day threats, polymorphic malware, weaponized documents, and phishing attacks.

Securonix integrates with Proofpoint TAP for attack identification and email security event ingestion for threat chains.

Proofpoint SIEM API Module Major Log/Event Types Related Threats Use Cases/Threat Packages Details
Click Events Clicks Permitted, Clicks Blocked (Response contains details of threat URL, threat score and other Proofpoint specific details) Malware, Phishing, Account Compromise Malware, Phishing, Account Compromise URL Click Events
Message Events Messages Permitted, Messages Blocked/Quarantined (Response contains message details such as message ID, threat list as well as threat score) Malware, Phishing, Account Compromise Malware, Phishing, Account Compromise Malicious Message Events