Proofpoint Nexus Threat Graph

Additional Info

Company size (employees)1,000 to 4,999
Type of solutionSoftware


The Proofpoint Nexus Threat Graph is the intelligence that powers Proofpoint products. It collects, analyzes and correlates over a trillion data points across email, cloud, network and social. It uses a combination of NexusAI machine learning, advanced detection and human expertise to protect Proofpoint customers from the ever-changing threat landscape. Proofpoint is unique in that we gather threat data from leading enterprises in the F100, F1000, G2000, leading ISPs and hundreds of thousands of SMBs. We also gather data from across multiple attack vectors such as email, cloud, network and social media:

● 35B+ daily URLs scanned
● 16M+ cloud accounts monitored
● 6k+ worldwide IDS sensors
● 400k-600k+ unique daily malware samples
● 400M+ domains monitored
● 100k+ social media accounts monitored

All this threat data is fed into the Proofpoint Nexus Threat Graph, which correlates more than a trillion threat data points from across these vectors. Nexus Threat Graph also leverages NexusAI, our proprietary detection technology, and our global team of threat researchers which allows us to learn as much as we can about every threat that we see – where it communicates from a command and control perspective to content behavior, to URLs and attachments, evasion techniques and even network layer detection. The combination of machine learning and human expertise enables our products to deliver rich threat insights that helps customers differentiate commodity threats from severe threats. Everything that is correlated and connected in the Nexus Threat Graph is then fed back into Proofpoint products to provide the best security and visibility for our customers to stay ahead of the threat landscape.

How we are different

● Unparalleled Protection – real-time sharing of threat intelligence from the number 1 deployed solution across the F100, F1000, and G2000 as well as being the market leader in email and leading in other vectors such as cloud, network and social.

● Unmatched Insight – our massive corpus of data allows the Nexus Threat Graph to be that much more effective by learning from everything we see.

● Integration across products – Attackers are using multiple vectors to target users and organizations. Our visibility across multiple vectors gives us a unique advantage by normalizing and indexing the threat data to then be fed back into each of our products for protection against cross vector attacks.