Proofpoint Digital Risk Protection secures your brand and customers against digital security risks across web domains, social media, and the deep and dark web. It’s the only solution that gives you a holistic defense for all your digital engagement channels. Features and Benefits Social Media Protection Digital Risk Protection secures your company and customers from digital risks for your entire social media infrastructure. Our solution protects your social media presence from account takeovers, social media phishing scams, and malicious content. Web Domain Fraud Monitoring Protect your domain investments from domain squatters, typo phishing campaigns and other infringing domains. Our digital protection solution applies artificial intelligence to uncover fraudulent domains that pose a risk to your brand and customers. We also safeguard your brand-owned domains remain by letting you know if your domain registrations or SSL certificates are about to expire. Executive and Location Threat Monitoring Digital Risk Protection helps you gain situational awareness of potential social media threats against your key executives and locations. Our solution crawls the far reaches of the digital world, spanning millions of web pages and social sites daily. This helps you get in front of threats, whether they are planned, imminent or occurring in real-time. Digital Compliance Engaging on digital channels while ensuring compliance doesn’t have to be a headache. Our digital protection solution helps you rein in account social media sprawl and supervise all your content to ensure it complies with public communications and retention rules from FINRA, SEC, FCA, IIROC and others.

Protection against BUSINESS EMAIL COMPROMISE (BEC)

Dynamically classify impostor email (BEC) other threats that don't involve malware. These low volume, hard-to-detect threats have cost businesses more than $2.3 billion and cannot be detected by solutions that detect only malware. We detect and classify impostor email through a combination of authentication (DMARC), pre-defined rules, and dynamic classification. Our technology actively assesses the reputation of the sender for accurate protection without additional administration overhead.

We analyze:

• Sender-recipient relationship
• Domain reputation
• Email headers and envelope attributes
• Email content

Granular filtering and control

Email Protection can control all aspects of inbound and outbound email. Our policy engine gives you complete flexibility. Custom rules support global, group and user-level controls to meet the needs of even the most complex enterprise. Individual quarantines enable you to separate email types to allow your people to access their email digest and quarantine while keeping malicious emails away. Quarantines include:

• Spam
• Impostor
• Bulk
• Phishing
• Malware
• Adult
• Low Priority

Detailed visibility

Email Protection gives you a wealth of data and search tools. Our advanced message tracing features a high-performance search engine to help you quickly pinpoint hard-to-find log data based on dozens of search criteria. With more than 60 real-time reports for detailed visibility into mail flow and trends, Email Protection provides the data that can help address issues and trends as they emerge. Give your people self-service control over their email preferences such as:

• Quarantines
• Safe and block lists
• Bulk mail delivery

These services are also easy to brand, providing familiarity for users who access these tools. And with support for numerous languages, you can deploy them globally. More than 90% of targeted attacks start with email, and these security threats are always evolving. Proofpoint Email Protection provides multiple layers of security to stop malware and non-malware threats, such as email fraud. It can control all aspects of inbound and outbound email to detect and block threats, and prevent confidential information from getting into the wrong hands.

Features and Benefits

• Advanced Email Filtering, Control and Visibility. Email Protection allows you to set up robust policies as a first step in routing email to users. You can create detailed firewall rules based on your needs. Even set up policies for anti-virus. We also leverage user bulk mail actions to improve accuracy of future detection and classification. With a wealth of data and search tools, you can ensure your organization's email is protected.
• Impostor Email Threat Protection. Imposter attacks are hard to detect. Our Stateful Composite Scoring Service (SCSS) is a machine learning approach that searches specifically for these email threats. It uses what’s known about your unique environment, along with data from all Proofpoint customers, to more effectively detect and block email fraud. 
• Internal Mail Defense. As organization move to cloud-based email services, compromised accounts are on the rise. Internal Mail Defense can automatically scan all internal email traffic, providing a multilayered approach to looking for such things as spam, malware or phishing attacks being sent via compromised accounts. It removes these emails and provides reporting to shows which accounts have been compromised.
• Email Continuity. Email downtime can be a significant hit to worker productivity. Enterprise Continuity ensures email is always available, even if your company email is down. It provides full access to users—via Outlook integration, a web portal or native mobile support. And it automatically activates in an outage, with fully automated recovery.  

Proofpoint Targeted Attack Protection (TAP) helps detect, mitigate, and block advanced threats that target people through email. We detect both known and new, never-before-seen attacks that use malicious attachments and URLs to install malware on a device or trick users to share their passwords or other sensitive information. TAP is unmatched in stopping targeted attacks that use polymorphic malware, weaponized documents, and credential phishing to access sensitive information or steal money.

TAP provides the first line of defense at the email gateway. TAP has two components:

Attachment Defense: TAP can hold messages until a verdict is received after analysing the attachment. Clean ones are delivered to the inbox and threats are quarantined.

URL Defense: Messages containing URLs that are known to be malicious are immediately quarantined. TAP rewrites all other URLs in order to track and block clicks. When users click on the rewritten URLs, TAP redirects them — based on the verdict from inspection — to either the original webpage or a customizable block page that prevents access to compromised site.

TAP is built on the Proofpoint next-generation email security platform, which offers clear visibility into all email communications. This means that TAP has greater context to extract threat intelligence, quickly mitigate the attack surface by blocking malicious messages, and reduce your security risk.

Our advanced threat solutions continually adapt to detect new attack patterns. TAP inspects the entire attack chain using static and dynamic techniques. We analyse potential threats in several stages using multiple approaches to examine behavior, code, and protocol. TAP uses unique features, such as predictive analysis to identify and sandbox suspicious URLs before users can click on them.

Proofpoint TAP includes a web-based graphical dashboard that provides data at organizational, threat, and user levels to help you prioritize alerts and take action. Detailed forensic information on both individual threats and campaigns is provided to you in real time.

Proofpoint TAP is easily configured as add-on modules to the Proofpoint email security platform, which can be deployed as a cloud service, virtual appliance, or hardware appliance. Proofpoint also uses the cloud to instantly update our software every day to quickly incorporate new features and help you stay ahead of attackers.

To educate end users without wasting time, you first need to identify their individual vulnerabilities, as well as broader cybersecurity concerns for your organization. Our ThreatSim® Phishing Simulations help you assess users’ susceptibility to phishing and spear-phishing attacks, with email templates based on real phishing lures spotted “in the wild” by Proofpoint threat intelligence. We also offer CyberStrength® Knowledge Assessments, a powerful web-based tool that helps you measure users’ understanding of critical cybersecurity topics and track progress over time, driving continuous improvement.

ThreatSim® tests your organization’s susceptibility to a variety of phishing and spear-phishing attacks. Unlike other phishing simulation tools, we provide Dynamic Threat Simulation phishing templates based on current lures spotted “in the wild” by Proofpoint’s industry-leading threat intelligence.

With thousands of different phishing templates across 35+ languages and 13 categories—and more added each month — you can evaluate users on multiple threat types, including:

• Malicious attachments
• Embedded links
• Requests for personal data

Wide Variety of Customizable Templates

The ThreatSim phishing tool supports more than thousands of templates across more than 35 languages. Our variety of templates address three key testing factors: embedded links, requests for personal data, and attachment downloads (.pdf, .doc, .docx, .xlsx, and .html). Average failure rates calculated from assessments sent by all customers for each template are visible within the phishing tool, which allows administrators to gauge difficulty prior to campaign creation.

Dynamic Threat Simulation

Using real, “in-the-wild,” threat intelligence data from our Targeted Attack Protection, we deliver new ThreatSim phishing templates to help create simulated attacks that will challenge the user’s ability to respond to the most relevant threats. Administrators can customize the content in any template, or create their own. This flexibility allows organizations to quickly and easily create timely phishing tests that mimic threats seen in the wild and within their own networks.

Teachable Moments

We strongly suggest that all employees who fall for a ThreatSim Phishing Simulation be automatically presented with an “intervention message” (which we like to call a Teachable Moment). By utilizing “just-in-time teaching” at the moment an employee interacts with a mock phishing email, Teachable Moments explain what happened, outline the dangers associated with real attacks, and give practical advice about avoiding future traps.
We offer several formats — including static and animated landing pages, short videos, and interactive challenges — for our Teachable Moments and allow you to tailor the message as you see fit. A selection of static landing pages is available in 17 languages, which allows your global employees to view key messages in their native languages. You can also opt to route clicks to your own internal messaging.

Auto-Enrollment

We were the first-to-market with this time-saving and behavior changing feature that allows you to automatically assign follow-up training to anyone who falls for a ThreatSim Phishing Simulation. While you can still assign training to everyone, Auto-Enrollment allows you to quickly deliver targeted training to your most susceptible end users first. This approach can dramatically improve the efficiency of your program and engage those who need the most attention.

Multinational Support

Multinational support allows administrators to deliver simulated attacks and Teachable Moments in dozens if languages which means you can assess your global employees in their native language.

PhishAlarm and PhishAlarm Analyzer

Our PhishAlarm one-click email reporting tool is available to install at no cost. This email client add-in allows employees to report suspicious messages to your security and incident response teams with a single mouse click. We recommend adding our PhishAlarm Analyzer anti-phishing email analysis tool, which utilizes machine learning to prioritize emails reported via PhishAlarm and enables faster remediation of the most dangerous threats on your network.

System Click Exclusion

System Click Exclusion is a feature built into ThreatSim that identifies and isolates phishing simulation interactions initiated by email protection tools. This patented approach ensures an accurate view of risky end user behaviors and enables productive and efficient security education programs.

What does this provide?

• Accuracy - A mechanism to ensure an accurate view of end user interactions (versus clicks from email gateways) in phishing simulations
• Intuitive UI - An easy-to-use interface for creating System Click Exclusion rules for multiple system interactions based upon IP address or user agent
• Reporting - Easily identify the interactions from systems instead of users to validate that all interactions are being captured
• Integration with TAP - A seamless experience for Targeted Attack Protection (TAP) customers because the customer’s email protection tool clicks are already systemically whitelisted through existing integration between the ThreatSim product and TAP

Random Scheduling

This option allows you to spread out the distribution of phishing simulations to minimize the impact to your email servers and IT helpdesk. Paired with the ability to use multiple simulated attack templates in a single assessment campaign, these functions reduce the chances that employees will figure out – and discuss – the phishing test, which helps provide the purest test of end-user susceptibility.

Valuable Business Intelligence

ThreatSim provides extensive analytics and reporting about employee responses to various phishing attack scenarios. You’ll also know whether employees fell for an attack through a mobile phone, a tablet, or a computer; the browsers they were using; and their locations when they fell for the attack.

Weak Network Egress and Vulnerability Checks

ThreatSim offers an optional Weak Network Egress function, which can help detect data egress from users’ PCs and, as a result, allow security personnel to identify and modify security controls to reduce potential threats. Administrators can also check for browser vulnerabilities with the capability to flag out-of-date (and potentially vulnerable) third-party plug-ins on end-user PCs.