Launched in August, 2022 and replacing Proofpoint Archiving and Compliance, Proofpoint's Intelligent Compliance Platform offers enterprises regulatory compliance safeguards while simplifying corporate legal protection practices. The platform offers AI-powered collection, classification, detection, prevention, search, eDiscovery, supervision, and predictive analytics, helping companies to meet complex compliance and information governance obligations.
N/A
ThreatConnect Risk Quantifier™ (RQ)
Score 7.3 out of 10
N/A
Risk Quantifier (RQ) translates cyber risk into clear financial terms, allowing security leaders to prioritize defenses and communicate impact in the language of business. By mapping MITRE ATT&CK techniques and vulnerabilities to financial loss scenarios, RQ enables cost-justified security decisions. Together with TI Ops and Polarity, RQ ensures that operational efforts align to risk-based priorities — bridging the gap between threat activity and executive decision-making.
Proofpoint Intelligent Compliance is well suited for organizations with a large amount of employees, in my opinion, as they have a lot of options for grouping users in various ways to send specific learning content to them. For a smaller organization, the employees might utilize all of the built-in training videos, phishing simulations, and content more rapidly, which would not justify the pricey cost of the tool.
Well-Suited Scenarios: Reporting to management where financial risk metrics are required. - Vulnerability prioritization when you need to rank issues by real exploit risk and financial/business impact. Less-Appropriate Scenarios: Fast-changing cloud environments where asset data needs updates too frequently for accurate models required all the time. - Incident investigation, as ThreatConnect Risk Quantifier™ (RQ) is not designed for real-time check
Email archiving. Being able to access, on the fly, your entire email archive. Being able to filter by date, sender, attachment, etc. It can get really granular and is able to pull up records fast.
Targeted Attack Protection for all incoming emails. Having the ability to automatically scan, quarantine, or re-write URLs within emails. Comparing incoming emails to potential phishing attempts already seen by other institutions.
Email encryption & automatic encryption are based on certain rules set up on the firewall. e.g. automatically encrypt outgoing email if it has an attachment or contains a string of numbers that may be personal information.
The end-user interface is lacking in appeal/aesthetics and is not that intuitive. I have seen archive solutions that don't work very well have a better interface than this. I think the interface can be prettied up quite a bit.
The admin interface is lacking in features and is not intuitive. It has more capabilities than the previous archives I've used, but utilizing these features is a little complicated without demos or being walked through it.
We have had a lot of accounts not map properly. Apparently, there is a limit as to how many errors can be outstanding before you run into issues because all the emails tied to those issues are "queued" waiting for a home (and there is a storage limit for that). I have to set a reminder to check that periodically and resolve the issues manually.
Dashboards can be customized to offer more options, especially for technical teams that require deeper drill-downs and also more simpler and user-friendly.
Processing large data files can be slow sometimes, especially during large builds or bulk updates.
Risk modules sometimes need manual intervention for multi-client environments, which can be time-consuming.
I rate ThreatConnect Risk Quantifier™ (RQ) an 8 because it’s generally easy to use once the integrations are set up. The dashboards, risk scores, and financial impact metrics are very straightforward and help make quick decisions for executives. However, the initial configuration and model tuning can be a bit complex it's not a perfect 10 for me.
We did a bake off and for our particular needs Proofpoint was the right product. We used a matrix with requirements and their product checked all the boxes. Making it a easy decision.
ThreatConnect Risk Quantifier™ (RQ) stacked up better than RiskLens, better for our organization, is mainly because it integrates directly with our scanners, SIEM, and CMDB, allowing automatic, real-time risk monitoring. It also combines exploit intel, asset value, and vulnerability data more efficiently, giving us clearer technical priorities for the business impact. We chose ThreatConnect Risk Quantifier™ (RQ) because it provides faster, more actionable risk scoring with less manual modeling than RiskLens.
