Threat Response Auto-Pull (TRAP)

Additional Info

Company: Proofpoint
Website: https://www.proofpoint.com/us
Company size (employees): 1,000 to 4,999
Type of solution: Cloud/SaaS

Overview

• Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators to move malicious or unwanted emails to quarantine after delivery. Security teams using TRAP also receive graphical reports and downloadable data showing email alerts, post-delivery quarantine attempts, and the success or failure of those attempts.

When malicious or unwanted emails are forwarded to other individuals, departments, or distribution lists, TRAP's built-in business logic and intelligence recognizes that the messages were forwarded or sent to distribution lists, then automatically expands and follows the wide fan-out of recipients to find and retract those messages. This saves time and frustration, and by also showing message ‘read’ status, TRAP helps prioritize which users and endpoints to review.

An informed employee can be your last line of defense against a cyber attack. TRAP includes Closed Loop Email Analysis and Response (CLEAR), which takes the cycle of reporting, analyzing and remediating potentially malicious emails from days to just minutes. Enriched with our world-class Threat Intelligence and Security Awareness Training solutions, CLEAR stops active attacks in their tracks with just a click. And your security team can save time and effort by automatically remediating malicious messages.

How we are different

• Email Quarantine for Malicious and Unwanted Messages After Delivery: Malicious emails can contain phishing links that are poisoned after delivery, or can use evasion techniques that lead to false negatives and delivered malicious emails. Examples of unwanted email include inappropriate jokes and compliance violations. Email security teams are often tasked with email analysis and cleanup to reduce threat exposure and limit potential damage. While quarantining a single message may not require much work, at 10 to 15 minutes each, situations involving ten or more emails can become tedious, with time requirements quickly adding up. TRAP automates this entire process to make organizations more secure and save time for already stretched security teams.


• Cross-vector Intelligence Sharing: The Proofpoint Nexus Threat Graph provides aggregation and correlation of threat data across email, cloud, network and social. It powers real-time threat protection and response across all our products.


TRAP leverages the Nexus Threat Graph intelligence to build associations between recipients and user identities. It reveals associated campaigns and surfaces IP addresses and domains in the attack. And based on that, TRAP takes automated actions on targeted users who belong to specific departments or groups with special permissions.


Also, if we detect that an email contains malicious links, attachments or suspect IPs at a customer site, we share this information across our entire customer base. This helps with pre-delivery protection. It removes and quarantines any messages that have been delivered to any user’s inbox.


• Enhanced Triage: TRAP gives SOC analysts an enhanced triage process for incidents containing URLs. By leveraging Proofpoint Browser Isolation technology, URLs can be investigated safely. This allows analysts to assess the content behind a URL without putting the organization at risk.