Name: Proofpoint Identity Threat Defense
Rating: 4.5 (35 reviews)

Overview

Product Information on Proofpoint Identity Threat Defense

Updated 13th October 2025

What is Proofpoint Identity Threat Defense?

Proofpoint Identity Threat Defense is a software that detects and mitigates identity-based threats within enterprise environments. The software uses analytics to identify compromised credentials, lateral movement, and privilege escalation tactics used by attackers. It provides visibility into user accounts and privileges to help organizations manage attack surfaces associated with identity and access. By analyzing network and directory activity, the software uncovers potential exposures, high-risk accounts, and attack paths that could be exploited. It integrates with existing security tools to enrich detection and response efforts and supports policy-driven remediation to reduce risk related to compromised identities. Proofpoint Identity Threat Defense addresses identity security challenges by providing organizations with the ability to detect, prioritize, and respond to threats targeting user accounts within their networks.

Overall experience with Proofpoint Identity Threat Defense

IT Security & Risk Management Associate

50M - 250M USD, Healthcare and Biotech

FAVORABLE

“Proofpoint Identity Threat Defense:- Strong, Proactive Identity Protection.”

5.0

Dec 8, 2025

My experience with Proofpoint Identity Threat Defense has been positive. The platform is effective in identifying and mitigating identity-based threats and it provides clear alerts and actionable insights. I truly appreciate its user friendly interface and the way it supports our security processes. I think it has strengthened our ability to protect sensitive information and respond to potential risk efficiently.

Manager, It Security And Risk Management

250M - 500M USD, Miscellaneous

CRITICAL

“Delays in Mail Delivery and Multi Domain Issues Reported with This Product”

3.0

Jan 6, 2026

After an extensive review during move to the o365 environment we went with a more robust competitor.

About Company

Company Description

The company focuses on providing cybersecurity and compliance solutions. It primarily aims to offer protection across various digital channels such as email, web, cloud, and social media.

Company Details

Company type

Private

Year Founded

2002

Head office location

Sunnyvale, United States

Number of employees

1001 - 5000

Website

https://www.proofpoint.com

Do You Manage Peer Insights at Proofpoint?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About Proofpoint Identity Threat Defense

Reviewer Insights for: Proofpoint Identity Threat Defense

Deciding Factors: Proofpoint Identity Threat Defense Vs. Market Average

Proofpoint Identity Threat Defense Likes & Dislikes

1) Identity deception and honeytokens with high-fidelity Alerts:- I this we can plant fake credentials, honey accounts/ service principals, decoy shares and deceptive AD objects. Any usage of these signals active credential theft or lateral movement with very low false positives. 2) Actionable remediation workflows and automation:- It provides step-by-step remediation such as removing permissions, rotating credentials, fixing ACL's, disabling vulnerable SPN's and integrates with ticketing to execute changes or track them. 3) Low operational noise and lightweight footprint:- Deception-based detection reduces alert fatigue and sensors are relatively light. AD assessments are largely agentless, minimizing impact on endpoints and domain controllers. 4) Strong ecosystem integrations:- Connects with common EDR, SIEM, SOAR and IAM platforms to enrich investigations and trigger automated containment e.g host isolation, credential rotations, policy updates. 5) Incident response acceleration:- During an event, quickly highlights compromised identities, exposed paths for lateral movement, and priority containment actions to limit blast radius.

Microsoft Product integration, reporting, unified consoles

Very strong ID-focused threat detection, helps identify suspicious behaviour, privilege abuse; not a lot of noise, alerts are sensible, genuine and actionable; it integrates well with other identity and security solutions, and keeps up with the modern attack vectors.

1) Windows-first visibility; gaps for non-Windows endpoints:- Endpoint and lateral movement insights are strongest on Windows joined to AD. Linux/macOS segments and identity risks outside of AD aren't as richly mapped without extra tooling. 2) Pricing and ROI considerations:- It's not the cheapest category. The value is strong if you are actively reducing AD risk and using deception detection, but teams with limited AD footprint or no bandwidth for remediation may struggle to justify the cost. 3) Policy/allowlisting management:- you will likely need to allowlist legitimate admin tools and service accounts to prevent deception triggers during routine operations. This adds ongoing governance overhead.

Was clunky in dealing with Multi Domain spread, horrible delays in mail delivery, not as robust as some competitors.

It should definitely allow for a wider customization approach, especial where it concerns advanced threat detection logic and reporting tailored to the specific company needs. Investigations could benefit from having to jump between different views, and reporting could do well to be better aligned with compliance and executive requirements and demands.

Top Proofpoint Identity Threat Defense Alternatives

4.6

(206 Ratings)

4.4

(148 Ratings)

4.4

(50 Ratings)

View All Alternatives

Peer Discussions

Proofpoint Identity Threat Defense Reviews and Ratings

4.5

(35 Ratings)

Rating Distribution

5 Star: 54%
4 Star: 40%
3 Star: 6%
2 Star: 0%
1 Star: 0%

Customer Experience

Evaluation & Contracting

4.2

Integration & Deployment

4.4

Service & Support

4.4

Product Capabilities

4.6

Filter Reviews

Sort By:

Most helpful

Last 12 Months

Star Rating

Reviewer Type

Reviewer's Company Size

Reviewer's Industry

Reviewer's Region

Reviewer's Job Function

IT Security & Risk Management Associate
50M-1B USD
Healthcare and Biotech
Review Source
Proofpoint Identity Threat Defense:- Strong, Proactive Identity Protection.
5.0
Dec 8, 2025
My experience with Proofpoint Identity Threat Defense has been positive. The platform is effective in identifying and mitigating identity-based threats and it provides clear alerts and actionable insights. I truly appreciate its user friendly interface and the way it supports our security processes. I think it has strengthened our ability to protect sensitive information and respond to potential risk efficiently.
GLOBAL CISO
50M-1B USD
IT Services
Review Source
Effective Detection of Identity Threats With Sensible Alerts and Integration Capabilities
4.0
Jan 29, 2026
A solid addition to our security stack that helped improve visibility into identity based threats and lateral movement potential risks. Establishes good correlating identity behaviour with real world attack paterns. There's room for improvement, but it's part of the stack that we're not considering changing.
Operations Associate
10B+ USD
Banking
Review Source
Identity Threat Detection Offers Strong Visibility But Involves Complex Setup and Costs
4.0
May 4, 2026
Proofpoint Identity Threat Defense provides strong visibility into identity based threats and effectively compliments existing security controls. The solution is particularly effective in detecting compromised accounts, lateral movement and anomalous user behaviour that traditional perimeter controls often miss.
It Associate
50M-1B USD
Telecommunication
Review Source
Initial Cleanup Phase Unveils Overwhelming Number of Cached Credentials and Risks
5.0
May 4, 2026
My overall experience has been eye-opening regarding how vulnerable identity can be within a large network. As someone in Qa, I appreciate the structured logic of the platform -it doens't just block threats; ir maps out the 'Identity Debt' and helps us clean up old, cached credentials that we didn't even realize were still active.
IT ASSOCIATE
50M-1B USD
Manufacturing
Review Source
Removes Risky Permissions Efficiently but May Be Complex to Deploy and Maintain
4.0
May 6, 2026
Proofpoint Identity Threat defense is a part of their ITDR for monitoring ADs, Azure IDs, etc. and responding to threats accordingly. Its been about a year since my company has been using it and so far it does its job especially credential theft and misuse.

Showing Result 1-5 of 35

Recommended Gartner Insights

This service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.

Proofpoint Identity Threat Defense

Overview

Product Information on Proofpoint Identity Threat Defense

What is Proofpoint Identity Threat Defense?

Proofpoint Identity Threat Defense Pricing

Overall experience with Proofpoint Identity Threat Defense

“Proofpoint Identity Threat Defense:- Strong, Proactive Identity Protection.”

“Delays in Mail Delivery and Multi Domain Issues Reported with This Product”

About Company

Company Description

Company Details

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About Proofpoint Identity Threat Defense

Reviewer Insights for: Proofpoint Identity Threat Defense

Deciding Factors: Proofpoint Identity Threat Defense Vs. Market Average

Proofpoint Identity Threat Defense Likes & Dislikes

Top Proofpoint Identity Threat Defense Alternatives

1. Falcon Next-Gen Identity Security

2. Microsoft Defender for Identity

3. Singularity Identity

Peer Discussions

Proofpoint Identity Threat Defense Reviews and Ratings

4.5

(35 Ratings)

Rating Distribution

Customer Experience

Product Capabilities

Proofpoint Identity Threat Defense:- Strong, Proactive Identity Protection.

Effective Detection of Identity Threats With Sensible Alerts and Integration Capabilities

Identity Threat Detection Offers Strong Visibility But Involves Complex Setup and Costs

Initial Cleanup Phase Unveils Overwhelming Number of Cached Credentials and Risks

Removes Risky Permissions Efficiently but May Be Complex to Deploy and Maintain

Recommended Gartner Insights

User Sentiment About Proofpoint Identity Threat Defense

Reviewer Insights for: Proofpoint Identity Threat Defense

Deciding Factors: Proofpoint Identity Threat Defense Vs. Market Average

Proofpoint Identity Threat Defense Likes & Dislikes