Overview
Product Information on Proofpoint Identity Threat Defense
What is Proofpoint Identity Threat Defense?
Proofpoint Identity Threat Defense Pricing
Overall experience with Proofpoint Identity Threat Defense
“Proofpoint Identity Threat Defense:- Strong, Proactive Identity Protection.”
“Performance strong overall, but lacks automated actions and integration features”
About Company
Company Description
The company focuses on providing cybersecurity and compliance solutions. It primarily aims to offer protection across various digital channels such as email, web, cloud, and social media.
Company Details
Do You Manage Peer Insights at Proofpoint?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Reviewer Insights for: Proofpoint Identity Threat Defense
Proofpoint Identity Threat Defense Likes & Dislikes
1) Identity deception and honeytokens with high-fidelity Alerts:- I this we can plant fake credentials, honey accounts/ service principals, decoy shares and deceptive AD objects. Any usage of these signals active credential theft or lateral movement with very low false positives. 2) Actionable remediation workflows and automation:- It provides step-by-step remediation such as removing permissions, rotating credentials, fixing ACL's, disabling vulnerable SPN's and integrates with ticketing to execute changes or track them. 3) Low operational noise and lightweight footprint:- Deception-based detection reduces alert fatigue and sensors are relatively light. AD assessments are largely agentless, minimizing impact on endpoints and domain controllers. 4) Strong ecosystem integrations:- Connects with common EDR, SIEM, SOAR and IAM platforms to enrich investigations and trigger automated containment e.g host isolation, credential rotations, policy updates. 5) Incident response acceleration:- During an event, quickly highlights compromised identities, exposed paths for lateral movement, and priority containment actions to limit blast radius.
It enables us to get a single pane of glass view across the various modules that proofpoint offers
Very strong ID-focused threat detection, helps identify suspicious behaviour, privilege abuse; not a lot of noise, alerts are sensible, genuine and actionable; it integrates well with other identity and security solutions, and keeps up with the modern attack vectors.
1) Windows-first visibility; gaps for non-Windows endpoints:- Endpoint and lateral movement insights are strongest on Windows joined to AD. Linux/macOS segments and identity risks outside of AD aren't as richly mapped without extra tooling. 2) Pricing and ROI considerations:- It's not the cheapest category. The value is strong if you are actively reducing AD risk and using deception detection, but teams with limited AD footprint or no bandwidth for remediation may struggle to justify the cost. 3) Policy/allowlisting management:- you will likely need to allowlist legitimate admin tools and service accounts to prevent deception triggers during routine operations. This adds ongoing governance overhead.
Its somewhat limited with the integrations and could do with adding some automated actions depending on certain triggers
It should definitely allow for a wider customization approach, especial where it concerns advanced threat detection logic and reporting tailored to the specific company needs. Investigations could benefit from having to jump between different views, and reporting could do well to be better aligned with compliance and executive requirements and demands.
Top Proofpoint Identity Threat Defense Alternatives
Peer Discussions
Proofpoint Identity Threat Defense Reviews and Ratings
- IT Security & Risk Management Associate50M-1B USDHealthcare and BiotechReview Source
Proofpoint Identity Threat Defense:- Strong, Proactive Identity Protection.
My experience with Proofpoint Identity Threat Defense has been positive. The platform is effective in identifying and mitigating identity-based threats and it provides clear alerts and actionable insights. I truly appreciate its user friendly interface and the way it supports our security processes. I think it has strengthened our ability to protect sensitive information and respond to potential risk efficiently. - GLOBAL CISO50M-1B USDIT ServicesReview Source
Effective Detection of Identity Threats With Sensible Alerts and Integration Capabilities
A solid addition to our security stack that helped improve visibility into identity based threats and lateral movement potential risks. Establishes good correlating identity behaviour with real world attack paterns. There's room for improvement, but it's part of the stack that we're not considering changing. - IT SECURITY & RISK MANAGEMENT ASSOCIATE<50M USDRetailReview Source
Credential Misuse Detection Effective Yet Alert Management and Tuning Need Improvement
Overall, great product that provides value in strengthening our identity security strategy. There is clear visibility into identity-based risks such as credential misuse, privilege escalation attempts, and more. This, again as an overall, has helped us stay ahead of potential account takeovers. Incident response work has been a bit smoother since the platform integrates with our existing workflows. - Chief Information Security Officer50M-1B USDTelecommunicationReview Source
Enterprise Identity Risk detection but with configuration friction
Proofpoint Identity Threat Defense has significantly strengthened our Active Directory Security, catching misconfigured service accounts and shadow admins that our traditional IAM missed. PAM and IAM integration streamlines remediation and SOC2 AND ISO27001 reporting is quite comprehensive. - IT SECURITY & RISK MANAGEMENT ASSOCIATEGov't/PS/EdGovernmentReview Source
Dashboard Features Aid SOC Analysts in Monitoring Emails and Threat Activity Effectively
I think it's great in terms of supplier defense and managing the UI from a SOC analyst's perspective. Our company is massive and has many suppliers and dealers, so this helps so much.