Proofpoint, Inc. announced multiple new Proofpoint innovations to ensure that organizations worldwide have end-to-end protection around their people—wherever and however employees are working and collaborating. Proofpoint’s new people-centric Enterprise DLP solution helps organizations identify and quickly respond to data loss resulting from negligent, compromised, or malicious users. Proofpoint’s Nexus People Risk Explorer is also available, providing the unified view of vulnerable, attacked, and privileged users.
Each of these Proofpoint innovations provide a new people-centric security and compliance blueprint for email, cloud, and information protection. Key additional enhancements include Proofpoint’s Cloud App Security Broker (CASB) IaaS and DLP functionality along with new Proofpoint business email compromise (BEC) and email account compromise (EAC) imposter classification and remediation.
“If it wasn’t clear before 2020, it certainly is now: people are the enterprise perimeter,” said Ryan Kalember, executive vice president of Cybersecurity Strategy for Proofpoint. “We put people at the center of our innovation roadmap, which has allowed us to break new ground in solving core cybersecurity challenges like DLP. Data doesn’t lose itself – there’s always a negligent, compromised, or malicious user involved – so a people-centric approach can succeed where prior solutions failed. Our latest innovations deliver necessary cloud-based protection across all major channels regardless of a user’s location, communication method or regulation requirements.”
Proofpoint’s people-centric DLP, user visibility, CASB, and BEC/EAC innovations include:
The underlying risk model leverages machine learning and combines real-time Proofpoint Nexus threat telemetry across cloud (CASB), email, and security awareness training. This multi-trillion data point threat graph includes more than two billion daily emails, 13 million active cloud accounts, 86,000+ social media accounts, and 400,000-600,000 daily malware samples.
Proofpoint Cloud App Security Broker (Proofpoint CASB) IaaS and DLP functionality: Available this quarter, Proofpoint CASB will expand its infrastructure as a service (IaaS) resource and account protection, discovery, and governance, a capability often referred to as Cloud Security Posture Management (CSPM). In addition, users can now monitor their cloud infrastructure for threats and detect DLP incidents for swift remediation. This is especially critical following Proofpoint’s recent discovery of a vulnerability in the implementation of cloud multi-factor authentication (MFA) that utilizes WS-Trust, which could allow attackers to bypass MFA and access cloud applications that use the protocol, notably Office 365. This research will be presented at the upcoming Proofpoint Protect virtual customer event on September 9, 2020.
Enhanced Proofpoint Business Email Compromise (BEC) and Email Account Compromise (EAC) Protection: Available this quarter, Proofpoint Email Protection will feature a detailed imposter threat view with the ability to classify different BEC techniques including fake invoicing and payroll redirection. This enhanced visibility into BEC attempts will complement automatic quarantine and end user alerts. In Q4, Proofpoint customers will also have access to a new Supplier Risk Dashboard for additional insight into supplier invoicing fraud and supplier account compromise.