Email defenses have reduced phishing impact and save our soc team significant investigation time
What is our primary use case?
Proofpoint Enterprise Data Loss Prevention (DLP) is currently being used in parts. The email protection plan is used, though uncertainty exists about whether an added-on plan for the DLP specifically is included.
When first joined, Proofpoint was in the early phases of deployment and was told it was pretty straightforward, especially with the services they provide, such as white glove service. They respond quickly to questions.
What is most valuable?
The product does a pretty good job filtering out promotional emails and unwanted emails. It effectively filters specific vendors sending out mass mails, not just spam. For important emails, it catches scripts in emails and does a double check on those. Many things noticed over time have been positive, especially the impact on the SOC team, who state that it saves a lot of time and catches phishing attempts early, specifically very custom phishing.
What needs improvement?
Proofpoint Enterprise Data Loss Prevention (DLP) should probably add something more into their case management process. There are certain things that Proofpoint lacks regarding case management. When incidents come in, it classifies a specific subcategory of what that incident is and creates a ticket for the SOC team. If they could provide more details on the type of incident filing in case management, that would be helpful. This is a hard ask because it requires some form of backend automation workflow. Many tools are starting to adopt their own automation workflows, which is pretty cool.
Occasional mishaps arise related to users' devices affected by Proofpoint or when Proofpoint isn't logging specific device actions. The insider risk tool has been utilized effectively, which monitors employee actions every ten seconds, but there have been mishaps. Additionally, there are moments when specific servers require updates due to mismatched deployment updates, though this is not considered difficult because endpoint engineering counterparts assist, especially during Proofpoint calls.
For how long have I used the solution?
What do I think about the stability of the solution?
There was one instance of instability related to a phishing alarm connected to Outlook. It was not major and nothing caused significant downtime within the systems or applications.
What do I think about the scalability of the solution?
Proofpoint Enterprise Data Loss Prevention (DLP) is pretty scalable. The full scalability phase has not been reached yet, as efforts are being made to formalize processes due to frequent M&As. The aim is to have new companies adhere to the same tools. So far, no issues have been encountered, particularly with the smaller companies acquired.
How are customer service and support?
Technical support was contacted via a ticket and they were pretty responsive. Whenever issues arose, the team reached out and a specific TAM stayed on top of it. Initially, tickets were submitted and emails were sent, and the TAM would respond quickly, involving the right people for the tasks.
The quality of their answers is good. Issues have not really been experienced with this specific vendor regarding their responses. They are technical and provide options that help narrow down solutions.
How would you rate customer service and support?
How was the initial setup?
For the deployment of Proofpoint Enterprise Data Loss Prevention (DLP), currently about three people are dedicated to the process or to maintenance and weekly TAM calls. The best estimate that can be given is two or three people. One individual has been observed managing one aspect of Proofpoint products on their own, and it seemed feasible to finish within a month.
What was our ROI?
The pricing for Proofpoint Enterprise Data Loss Prevention (DLP) is still good. When renewal occurred with Proofpoint, there were no issues with the stated price. The company works with GuidePoint Security as a VAR, which does a good job. So far, there has been no feeling of it being too expensive, which would lead to switching to another solution. Proofpoint adds value and proves its ROI based on the services they provide. Although Abnormal Security has been pushing, the package that Proofpoint provides is better in the long run, especially since results have been seen in prevention and responses to exercises concerning external files being sent out during various departures.
Which other solutions did I evaluate?
Attempts have been made to use the Netskope DLP policy, but it is bundled with whatever they offer, especially with the POP locations. Some people in the company have also looked into other solutions apart from Proofpoint, such as Abnormal Security. This is the current discussion given the many moving pieces.
What other advice do I have?
The overall review rating for this product is 8 out of 10.
Exceptional Usability with Immediate Risk Reduction
What do you like best about the product?
Usability,Immediate impact to risk reduction.
What do you dislike about the product?
I have deployed the solution three times accross three business, so there isnt anything that i dislike
What problems is the product solving and how is that benefiting you?
Reduction in malicuous email delivery, user interface integration for end users, and streamlining tasks
Comprehensive Threat Insights for Effective Remediation.
What do you like best about the product?
Threat detail and information available for investigation and remediation
What do you dislike about the product?
None, product is great. Uptime is better compared to rivals
What problems is the product solving and how is that benefiting you?
ATOs. TOAD and other email related attacks
Highly Flexible Solution Perfect for Large Organizations
What do you like best about the product?
Highly flexible, which is perfect for large organisations
What do you dislike about the product?
I don't believe there's anything I would dislike.
What problems is the product solving and how is that benefiting you?
Provides an extra layer of defence, and is truly our biggest protection against phishing emails. Attachment defense also protects us against malicious attachments. Internal DMARC policies can be fully customised to our needs, which is a great benefit when it comes to organisations consisting of multiple different companies, like ours. This for us was a huge help during acquisitions.
Automated Email Analysis That Transforms Workflows
What do you like best about the product?
Automated email analysis for abuse mailbox changed my life
What do you dislike about the product?
Could be better integrated with TAP/TRAP
What problems is the product solving and how is that benefiting you?
Reduced time analysts are spending analysing email threats and highlights potentially significant events
Exceptional BEC Detection Enhances Email Security
What do you like best about the product?
Proofpoint managed to identify BEC types of emails more effectivily than our current email protection provider
What do you dislike about the product?
navigating between different tabs to investigate an issue can be tricky but that might be due to training issues from my side
What problems is the product solving and how is that benefiting you?
first line of defence when it comes to email protection
EFD Sets the Standard for ProofPoint Solutions
What do you like best about the product?
EFD is the best solution i experienced from ProofPoint
What do you dislike about the product?
Integration are coming up with third parties, not yet full integration with other partners
What problems is the product solving and how is that benefiting you?
Its protecting more than 800 domains for my orgnisation for outbound email protection
Blocks on many incoming threats
What do you like best about the product?
The blocks on a large chunk of malicious campaigns sent to our org.
What do you dislike about the product?
Email categorisation sometimes incorrect misleading colleagues when they report emails.
What problems is the product solving and how is that benefiting you?
Scanning for url and attachment threats on our perimeter, preventing attacks not just responding to them
All-in-One Platform with Intuitive UI and Impressive Efficiency
What do you like best about the product?
Its helpful having so many capabilities consolidated in a platform which is easy to navigate UI wise.
I also love how effective and effecient the tool is.
What do you dislike about the product?
Maybe adding some more AI or automation to the capabilities
What problems is the product solving and how is that benefiting you?
Blocking threats before they can get into the organisation.
Blocking at perimeter.
Proofpoint is best
What do you like best about the product?
Proofpoint provides a bullet proof email protection. It has several features that offer to protect our organisation perimeter. Report that offered by proofpoint is very handy and easy to monitor and capture risk.
What do you dislike about the product?
There is nothing to dislike but it needs a browser isolation when a url is clicked
What problems is the product solving and how is that benefiting you?
It stops thousands of spam emails and malwares at the first hop and it eliminates the need to monitor all emails. Reports are very effective and helpful to mark spam sender
