Proofpoint Email Security

Additional Info

Company size (employees)1,000 to 4,999
Headquarters RegionNorth America
Type of solutionCloud/SaaS


In 2021, the FBI reported $2.4B in national losses due to business email compromise (BEC) alone, representing a 20% increase over the previous year. Proofpoint Email Security provides an integrated, end-to-end solution to comprehensively prevent and remediate phishing emails and hard to detect attacks such as BEC. It delivers unmatched detection capabilities, actional visibility into targeted users and adaptive controls to protect them, and effectively trains end-users to spot identity deception tactics.

Proofpoint uses a combination of dynamic, static, and protocol analysis techniques to identify phishing threats. In 2022, we released Supernova Behavioral Engine which builds on Proofpoint’s history of utilizing machine learning for detection, and uses language, relationships, cadence, and context to accurately detect threat anomalies in real-time, producing the industry’s lowest false-positive rate of just 1 in 4.14+ million. This engine is powered by the Nexus Threat Graph, which correlates data collected from billions of emails and millions of cloud accounts per day.

To effectively mitigate risk of phishing attacks and credential theft, Proofpoint Email Security enables organizations to apply various risk-based adaptive controls, including email isolation, predictive sandboxing, and security awareness training to risky users. Preemptively sandboxing file-sharing URLs before users click on them, rather than relying solely on reputation, successfully addresses collaboration platform phishing where attackers host and deliver malicious payloads via legitimate file-sharing sites.

Proofpoint Email Security automates threat remediation and streamlines abuse mailboxes by reflexively removing phishing emails containing URLs poisoned post-delivery, even if they’re forwarded or received by others. Users can easily report phishing emails with a single click, which are then automatically analyzed and quarantined if found to be malicious, significantly reducing manual work and IT overhead. It also allows security professionals to preemptively assess how users will engage with imposters by simulating real-world phishing attacks and auto-enrolling those who require additional training.

How we are different

Stop More Threats, Faster: Proofpoint provides the most effective threat protection and leads the way in new detection techniques that prevent various types of email threats, including credential phishing and email fraud. Our effectiveness stems from our advanced machine learning detection engines, such as the Supernova Behavioral Engine, which analyzes email patterns based on frequency, language, and relationships to identify email patterns that fall outside the norm. These engines are fed by data from the Nexus Threat Graph, which aggregates trillions of threat data points across email, cloud networks, and social media from over 60% of the Fortune 1000. This level of detection efficacy allows us to constantly innovate new security features, and in product evaluations against other vendors, Proofpoint consistently identifies more malicious emails evading existing systems.

Unmatched Visibility: Proofpoint Email Security provides actionable visibility into the human attack surface, revealing a company's Very Attacked People (VAPs) risks and providing peer comparisons to help organizations analyze and mitigate risk using adaptive controls. We dynamically isolate URL clicks based on risk profile and provide proprietary real-time anti-phishing scans that run immediately before the page is loaded. Finally, we automatically identify imposter and phishing threats posed by vendors and suppliers, and offer detailed forensics on phishing campaigns, enabling organizations to understand how they are targeted and how to prevent attacks.

Improve Operational Effectiveness: Proofpoint delivers operational savings by providing a well-integrated solution that automates threat detection and remediation. We detect and automatically remove email threats that are weaponized post-delivery and enable users to report suspicious phishing emails through email warning tags. We streamline abuse mailbox management, eliminating the manual, labor-intensive work associated with identifying whether user-reported emails are malicious. We search for all delivered emails, remove them from inboxes, and provide users positive feedback so our customers don’t have to.