Proofpoint Targeted Attack Protection (TAP) vs. Trellix Endpoint Security ENS

Proofpoint Targeted Attack Protection is a great security application for notifying our team about when our users click on malicious links. It provides a good explanation of the attack scenario, including the Sender, Subject, as well as other users that this attack has been sent to. It is also very useful in helping provide metrics on what types of attacks have been sent to the organization historically.

Incentivized

It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.

Incentivized

• Impostor email detection is a fantastic feature and works very well.
• The sandbox feature helps to ensure confidence that their evaluation of the email threat is valid.
• Easy to use (and understand) dashboard make identifying and managing email threats a breeze.

Incentivized

• Provides high fidelity alerting.
• Allows CSOC analysts to perform forensic triage and alert investigations through containment from a single pane of glass.
• Provides alert telemetry across on-disk and in-memory attacks.
• Supports many additional 'bolt-on' modules to provide additional alert context or capabilities.

Incentivized

• Their admin web GUI is cumbersome and unclear in many ways. The learning curve is steep so you have to stay up on things yourself whenever a new feature or service is added.
• They sometimes add a feature to their toolbox without informing their customers. This is true even when the feature added does not cost extra.

Incentivized

• The amount of false detections especially the negative ones needed to be reduced.
• It requires more optimization. It tends to make the PCs slower.
• It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable.
• It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes.

Incentivized

Not my decision, but I have made it very clear this product does not perform. I have emails from our users on how bad it is after switching to it.

Incentivized

The interface is simple to use but still contains the information needed to conduct thorough investigations. If you own licenses for other Proofpoint tools, Proofpoint Targeted Attack Protection is easily accessible from those applications. The ability to sandbox URLs within the TAP interface is a great feature as well. The overall performance of the GUI is seamless, especially if enabled with your organization's SSO.

Incentivized

So below is my breakdown, Pro's: Centralized Management, Comprehensive Protection and customization. Con's: Initial cost

Incentivized

Generally have had good response and resolution time with knowledgeable technicians, and if needed the ticket is moved to someone with more expertise to better address the issue. Have used the ticketing portal, phone, as well as the beta chat feature (permanent please!)

Incentivized

The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.

Incentivized

Proofpoint managed the installation and made it very simple. We had a dedicated installation engineer who checked in on use periodically after go-live to ensure that there were no issue.

Incentivized

This is the first product of its kind that I've used personally. The last 3 companies that I worked for also used Proofpoint, which includes Proofpoint Targeted Attack Protection, so I don't have a way to really compare it. I have seen that it is a leader in the industry.

Incentivized

Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage

Incentivized

• Saves IT time when an attack is successful and isn't reported in a timely manner or at all until damages are done. IT has to spend less time and effort because we are able to stop it before it spreads.
• Protecting business resources and assets is a huge positive impact. TAP allows us to better protect our business and information within.
• The only negative thing is that it doesn't automatically handle these attacks - but that is what TRAP is for! I wish Proofpoint bundled TAP and TRAP.

Incentivized

• From an auditing standpoint, we can show that our workstations/servers are protected.
• Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise.
• Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection.

Incentivized