Proofpoint Targeted Attack Protection for Email Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
46 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.0 out of 101

Do you work for this company?

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-25 of 33)

Jane Updegraff profile photo
October 22, 2019

Proofpoint just works

Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint's TAP product rewrites all URLs contained in emails that come to all of our email domains. The rewritten URL is substituted in place of the original link so that when the user clicks on it, instead of automatically taking the user to where the link points, it opens that site in a sandbox on a Proofpoint server before it approves or denies the destination based on anaylsys of what happens in the sandbox. Uusually they catch malicious URLs immediately although sometimes it takes them a few minutes or even a couple of hours, but eventually they notice nearly all of them, preventing my end users from infecting our PCs by clicking.
  • Rewrites URLs in all our emails and very rarely misses one
  • it works very well to protect our users from themselves and their bad habits
  • Their admin web GUI is cumbersome and unclear in many ways. The learning curve is steep so you have to stay up on things yourself whenever a new feature or service is added.
  • They sometimes add a feature to their toolbox without informing their customers. This is true even when the feature added does not cost extra.
This product is a good idea for any organization that finds themselves the target of malicious emails of any kind. Whether it be phishing, maleware, attachments with nefarious installers, etc, Proofpoint TAP catches nearly every single bogus URL and dangerous attachment by opening those items before our user can get to them. Proofpoint saves our users from themselves.
Read Jane Updegraff's full review
christine nagy profile photo
Score 8 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection is used across our entire organization worldwide, which includes 15 global offices. It provides next-gen email security for Advent.
  • Messages with malicious URLs are blocked/quarantined and kept out of end-users mailboxes
  • Sometimes you'll get a TAP warning that messages with malicious content were already delivered to users mailboxes BEFORE the Proofpoint algorithm detected them as malicious.
We receive malicious content that Targeted Attack Protection has blocked almost on a daily basis.
Read christine nagy's full review
Jerry Robinson profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
Targeted Attack Protection (TAP) for Email is used across the entire enterprise. TAP gives us a layer of protection against the numerous attack vectors that exist in the cyberworld.
  • Attachment Defense. This component scans all attachments for malicious content, quarantining anything suspicious. This is a must have for any legitimate email protection product.
  • URL Defense. With so many phishing attempts out there that try to lure the unsuspecting user into clicking a link to a malicious web site, URL Defense provide an invaluable safety net by encoding the URL and re-routing it to Proofpoint's "sandbox". If legitimate, it seamlessly redirects the user to the original URL. Despite your best efforts at education, a percentage of your end users will click the link. Knowing that TAP is sandboxing those links to test for malicious activity is protection we cannot live without.
  • TAP Dashboard. This lets me see who's being targeted in my environment as well as provide metrics that tell me how effective the protection has been. We're able to identify our "VIP's" so that we can receive special alerets whey they come under attack.
  • It's a stretch for me to find something that needs improvement. If I had to put at least one thing it would relate to URL Defense. The process works great but, there are times when you have to decode the encoded URL. Currently, the only place to do that is in the TAP dashboard. To save clicks and logins, it would be nice to have that decode functionality in the Proofpoint management console.
  • No other issues.
I believe TAP is well suited for all scenarios but some organizations may wish to implement part, or all, of TAP for specific departments. That can be done by AD group membership.
Read Jerry Robinson's full review
Chris Bash profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection for Email (TAP) is being used by our entire organization as a second defense against email malware. If email malware does initially get by Proofpoint Secure email, TAP catches it and notifies us of the breach and goes further to protect us with rewritten URLs.
  • We receive email TAP alerts when malicious email gets past the Proofpoint Secure Email product.
  • TAP provides very a detailed analysis of the any email malware that potentially reaches our end users.
  • The overall reporting from TAP is very beneficial, especially the way it will compare our organization to similar organizations.
  • I have not found a way to automate emailing me custom reports like I can do with Proofpoint Secure email.
  • Sometimes you have to click through multiple links to get to the details of a malware email.
TAP alert email notifications have become very valuable when malware gets by Proofpoint's Secure email product. With the notifications we can quickly remediate email malware that has reached end users.
Read Chris Bash's full review
Alan Daniel profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection (TAP) is used across the entire organization. This solution provides for URL rewrites and safe attachments. With email critical to our business (like everyone else) this extra level of protection is absolutely necessary given the phishing attacks that are at an all-time high. We are notified of any actions that result in a user clicking something that is later determined to be malware or phishing.
  • URL defense.
  • Safe attachments.
  • Detection and incident response.
  • The administrative user interface could be a bit more intuitive.
  • Notifications are still somewhat cryptic when an event is identified.
  • This feature is a separate cost from standard email protection.
In general, the functionality provided by TAP is necessary in today's world of email threats. The users need this extra level of protection when so many emails have links and attachments in them. The odds of something nefarious being opened or clicked on is high so TAP is essential to have in place.
Read Alan Daniel's full review
Fraser Clark profile photo
Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint TAP is being used by our entire organisation, which is a multi-national company with offices in central Europe. With TAP, we are able to see malicious attachments & links that are being sent to our organisation. It gives us excellent insights into our users and what sort of attacks we are seeing come in.
  • URL rewriting. TAP can rewrite URLs to obfuscate potentially harmful links. And if it is harmful, then we can see this in the dashboard and respond appropriately.
  • Attachment defense is particularly impressive. We see 99% of attachments which are potentially malicious being blocked.
  • Reporting. The reporting in TAP is fantastic and provides great insight into our organisation. It's the sort of reports the senior management are interested in.
  • The dashboard can be a bit tricky to understand. There is a lot of info, and it can be confusing at first to figure out what certain phrases mean.
  • Drilling down into attack dashboards, I would expect some items to be clickable to get more info. But they are not which means I have to search around for the information I want.
  • Again, the effectiveness dashboard does not have a lot of clickable elements, but they look like they should be which is frustrating.
I think Proofpoint Targeted Attack Protection (TAP) is suited to larger organisations that can also afford to purchase Threat Response Auto-Pull (TRAP) from Proofpoint, as these work in tandem very, very well.
With smaller organisations, it could potentially provide a lot of work investigating things found within TAP rather than just having TRAP deal with the issues automatically.
Read Fraser Clark's full review
Casey Ketcham profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
Targeted Attack Protection sends us alerts us via a detailed email if Proofpoint detects things such as an impostor email sent to one of our VIPs. This allows us to reach out to the user to make sure they are aware that the email is bogus so that they do not possibly give away any private information to the impostor.
  • Detailed GUI
  • Email alerts
  • Stops impostor emails
This would be well suited for medium to large businesses. A small business could likely get by without it.
Read Casey Ketcham's full review
Sateesh Konijeti profile photo
Score 8 out of 10
Vetted Review
Verified User
Review Source
We are using Proofpoint currently for email security and this is for our global level implementation. We have also integrated it with our firewall Palo Alto too.
  • We have been observing TAP is working well and also the integration with Palo Alto is working great.
  • Having a very good experience with Proofpoint support and very super support from them. However we have not been notified of any new updates. Not sure, if these updates have already been sent to procurement team, but not the Allegis support group.
  • We do see the TAP dashboard also has a URL for rewriting details and email alerts too, which will help us to identify the actual threats and also we can report them if the attack is a false positive as well.
  • In the search pane, we could have more detailed information and which may useful while validating the incoming email for the engineers.
  • I do agree no product is able to block any sort of new malware/phishing attacks, but I have been observing unless we are reporting it Proofpoint is unable to identify a threat in some cases (and after the virus engines have been updated). This could be improved.
  • Also in few cases, the email might get blocked if we add the IP to our blacklist policy route. However there is no sign of email activity from that source. We should at least be able to see that info.
We had a hard time with our previous product for email security (EOP), and Proofpoint is a very good replacement for EOP in terms of being more accurate in blocking attacks and in a few cases it wasn't able to perform as expected, but it is still fine.
Read Sateesh Konijeti's full review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
We have been using the Proofpoint TAP for about 2 years now and I cannot imagine us not having it in our environment. We are constantly under attack and the TAP has been vital in helping to protect us from threats. We actually receive so many threats that I start to wonder if something is not working when I look at the TAP dashboard and it shows no threats at all! This is being utilized to protect our entire organization from email threats.
  • Impostor email detection is a fantastic feature and works very well.
  • The sandbox feature helps to ensure confidence that their evaluation of the email threat is valid.
  • Easy to use (and understand) dashboard make identifying and managing email threats a breeze.
  • Occasionally, we have a false positive or false negative, but those are easily corrected.
  • Would like the ability to upload a file to have it automatically exploded via sandbox to determine threat.
Almost every single day we receive dozens of threats in which the Proofpoint TAP system stops. We also appreciate the automated emails that notify us of new threats and "at-risk" users. This helps us to quickly mitigate any threats in our environment. The emails help us to get a jump on notifying our end users of the threats. Additionally, the ability to rewrite URLs also helps to prevent clicks on malicious content.
Read this authenticated review
No photo available
Score 1 out of 10
Vetted Review
Verified User
Review Source
We purchased this for our full-time fac/staff and attempted to get this for our students as 'included' since they slipped by our legal to not include our students first off. We had to pay a ton to get the students included. Also, EOP based AV does a better job of blocking bad attachments. The best use case I can give you is if you put the phishing link inside a PDF TAP, it will send it on clean. MS AV will catch it every time. I watch the TAP alerts on misses, and I will pull the message with Get-Messagetrace and its details; sure enough, it got caught there!
  • Slowing down mail flow for scanning.
  • Limiting to a specific sub group of your org.
  • Sending lots of mail unthrottled by default.
  • Stopping bad mail.
  • Hashing spam emails in a more efficient way.
Very useful for a very small organization where scaling and learning algorithms have a standing chance to work. It's places that receive 1 million messages a day and have to try to provide infrastructure as a service, i.e. many independent domains trying to be self-managed, that are challenging for this product.
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Proofpoint Targeted Attack Protection for our entire organization. Our security team uses it every day to look into/analyze different threats that we are seeing coming into our network via email. We have the alerts set up to get us looking into the "critical" events, but we can use the data in the platform every day. It helps us realize how well Proofpoint Email Security is doing, and provides great stats/numbers for us to give to management to show what has been accomplished.
  • Usability - The product is very easy to use, and begins giving a lot of valuable information immediately.
  • Detail - The amount of detail for each threat is great, and helps us with "proving" there may be a problem somewhere.
  • Defense - The URL rewrite function and sandbox function are great, and we saw immediate return from just those.
  • Sandboxing can be slow at times, but that is understandable, but hard to explain to end users.
  • URL rewrite takes time for the users to get used to the fact that every URL now looks "phishy".
I think that the dashboard is amazing and gives us insight into things that we have never "looked" into before. It gives us actionable items immediately and allows us to provide enough details to the correct teams to get things resolved in a timely and quick fashion.
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
TAP helps mitigate targeted attacks, and also helps with researching what was attempted, and helps identify people who are more at risk (ie, if they clicked a link, etc)
  • Concise threat context
  • URL rewriting
  • I don't find the TAP portion of the product to be deficient. I think it's easy to use and is extremely helpful.
Again, I think technology in this area is well suited at any organization.
Read this authenticated review
No photo available
September 09, 2019

Ahead of its time!

Score 10 out of 10
Vetted Review
Verified User
Review Source
TAP is used strictly by our Information Security department. It is very beneficial to us in two ways. Phishing attacks and our VAPs. The way that TAP seamlessly integrates with our company is unparalleled to any other product. We are able to train our users better with the knowledge we gain from TAP.
  • The best software for gaining better cyber awareness of your company!
  • Intelligence like no other!
  • Allows faster response and more efficient workflow!
  • When an alert is made sometimes some information is lacking.
  • Other than that, no complaints.
Like I said earlier, TAP seamlessly integrates with your company and provides a great user experience. I would highly recommend it due to the fact that there is no other software like it that can compare!
Read this authenticated review
No photo available
August 29, 2019

TAP for Protection

Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection for Email is being used across our entire organization. It helps protect our users from emails that may contact malicious code in an attachment or a link that may take them to a site where their credentials can be compromised. Ultimately it protects our customers' information in turn.
  • Stopping attachments, bad URLs, and embedded malicious code.
  • Sometimes there is a delay in detecting the threat, and by that time it has been delivered to a mailbox and the user may have clicked on a URL or opened an attachment.
  • Added functionality is in separate add-on modules at a cost.
  • TAP dashboard could be made easier to navigate to gather details of the threat.
Proofpoint Targeted Attack Protection for Email is well suited for any business to protect against all the threats that are so commonly coming in through emails. By isolating the email in the sandbox to analyze the contents, it protects us against information or credentials/integrity loss if a user were to click a link or open a malicious attachment.
Read this authenticated review
No photo available
Score 9 out of 10
Vetted Review
Verified User
Review Source
We are using Proofpoint to scan and inspect all inbound mail and it is at the forefront of protecting all of our end-users from email-based attacks. We also utilize their encrypted mail features for sending secure mail to customers. I have had to work with other products in this space, such as Barracuda and Cisco IronPort, all of which are great products; however, I would rank my experience with Proofpoint (so far) above any of them in its effectiveness and support.
  • URL re-writing and sandboxing is very effective.
  • Need to find a solution to e-mails with links to cloud-based documents with malicious payloads.
Proofpoint Targeted Attack Protection works well to mitigate risk in the e-mail attack surface.
Read this authenticated review
No photo available
Score 9 out of 10
Vetted Review
Verified User
Review Source
The whole group is using Proofpoint TAP inherently. It is part of the email protection solution package. The TAP part works great with the TRAP appliance at the moment a malicious email was found later. But utilizing the API, TAP can notify TRAP to auto pull the message from the user mailbox. Though there is a bug in it at the current version, making this not work for maybe 10% of the messages, it does work great for most messages.
  • Finding threats.
  • Reporting.
  • Insight into the threats (sandbox results).
  • Solve the bug with the TRAP integration.
  • Have consistent look & feel with the other Proofpoint products.
It does integrate very nice with both the main email protection product and the TRAP auto pull product. This makes the email protection offering a lot better than our previous product.
Read this authenticated review
No photo available
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use it for our entire organization. Primary requirements to prevent advanced malware and phishing attacks. In addition, we also use it for data loss prevention (DLP) to meet client and regulatory requirements. We also leverage this platform for e-mail protection against spam and phishing attacks.
  • Alert on malware/attacks that made it through, so we can respond.
  • Data loss prevention (DLP) is very flexible and accommodates our needs.
  • More advancement in the imposter technology.
  • Integration between Wombat (phishing campaign tool) and email.
The majority of email threats are identified or blocked through TAP. Pre-TAP we were overrun with incident tickets and alerts. With TAP we have a higher level of confidence.
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
This is used globally as part of our overall email hygiene program.
  • Easy to manage.
  • Easy to deploy.
  • Proven solution.
  • Adoption can be a problem, but only early on.
This, for us, is the leading platform to build as part of our overall email security program.
Read this authenticated review
No photo available
Score 7 out of 10
Vetted Review
Verified User
Review Source
Targeted Attack Protection for Email is deployed globally protecting my entire organization. It works in conjunction with other Proofpoint services to help protect my organization from email threats such a malware, phish, and other nefarious email threats. It helps provide security of a primary communications platform, email.
  • Identify malware
  • Identify targeted employees
  • Provide details of threats targeting recipients
  • Ability to correlate threat actors with my organization's listing of threat actors
  • Whitelist sources of safe senders
  • Reporting on VIP-targeted threats
Some scenarios where Proofpoint Targeted Attack Protection for Email is well suited include: ability to identify threats targeting your organization and ability to correlate threats and threat actors.
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Reseller
Review Source
TAP is an optional module for Proofpoint Email Security that can be licensed. It consists of "URL Defense" and "Attachment Defense." The first one is a mighty tool which provides security for inbound mail traffic by analyzing (and blocking) access to harmfull external URLs. 'Attachment Defense' is even mightier. As a company, you get a lot of emails with attachments, especially documents like PDFs or Microsoft Office file formats. Attachment Defense is a Sandbox cloud service provided by Proofpoint, which analyzes these files and checks if they contain bad content like malicious macros. All normal Antivirus scanners work signature-based, so they are not able to open a document like Adobe Reader or MS Office would do it. This is what Proofpoint Targeted Attack Protection does for you. Up to now, there is no other way to automatically check every attachment this way (Sandboxing).
  • It's a carefree solution for automatic approval of (bad) attachments.
  • A carefree solution for automatic approval of bad URLs.
  • Alerts for admins if the attachments or allowed URL clicks afterwards turned out to be malicious.
  • A lot of information about malware campaigns inside the TAP Dashboard, and useful info, like who's the most attacked target in your company.
  • Expensive (but justified).
  • A lot of German companies are very sensitive about their data and privacy. You have to trust Proofpoint here.
It is (of course) well suited if you have a lot of mail traffic which contains attachments and external URLs. In general, Proofpoint Targeted Attack Protection will suit you if your users have no sense of security, and if they click on every link without thinking for a second if a mail looks legitimate or not. Better safe than sorry!
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection is used to scan incoming email attachments for malicious
code using Proofpoint’s email attachment sandboxing technology.
  • Proofpoint Targeted Attack Protection detects malicious attachments very well.
  • In three years of use we had less then a 0.001% false positive rate with the product.
  • When the product experiences technical issues your team will have to manually review attachments for malicious threats.
  • The scanning process delays email messages with attachments between 3-5 minutes during scanning.
Proofpoint Targeted Attack Protection is a great tool to detect and block malicious macro-enabled
documents before they are received by your email system's perimeter servers.
Read this authenticated review
No photo available
Score 8 out of 10
Vetted Review
Verified User
Review Source
Proofpoint TAP is used as part of our email security strategy. Inbound emails are scanned by TAP for malicious attachments, links, and other indicators of compromise. Proofpoint TAP logs feed into our SIEM for investigation and correlation against other log data. TAP can also be used to input IOCs like URLS so that the emails are blocked before entering the environment. Today we receive two types of alerts from TAP, one lets you know that Proofpoint now recognizes this email to be malicious and the analysts can investigate and remediate. The second type of alert is that an individual has clicked on a link that is known bad. Then the analysts can search logs for if the user successfully made it to the website and input any data.
  • Block malicious and phishing emails
  • Alert of now known to be bad emails
  • Threat intelligence for tracking campaigns
  • Metrics and dashboards around email activity
  • Ability to block additional IOCS instead of just URL
  • Ability to integrate with threat intelligence platforms
  • What they label as a false positive is not always a false positive
Proofpoint TAP is well suited to guide in investigation of malicious or phishing emails. It allows you to track the campaign and see the top email threats attacking your environment. You can input VIP level users for enhanced reporting. The ability to view a sandbox report with details of what the link or attachment does is useful.
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
TAP has been deployed as a global solution to filter malicious emails from exploiting the network. TAP has significantly reduced the number of machines that we have rebuilt due to malware related to phishing links and attachments.
  • Plug and play with little effort.
  • Blocks a majority of malicious email.
  • URL re-write allows links that may have slipped through to be analyzed in real-time.
  • Improved analytics could improve automated blocking features and lead to fewer patient zero cases.
If phishing is a concern, Proofpoint TAP is the answer to all your problems.
Read this authenticated review
Riccardo Francese profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection (TAP) is guarding against ransomware and defending us with URL filtering to ensure we don't get e-mail messages that could hurt our organization. Over the past year alone we have received several messages from some of the firms we deal with and they were infected with a virus and TAP guarded us against this.
  • URL Filtering / URL Defense
  • Machine Learning
  • Ransomware Prevention
  • False Positives
Proofpoint TAP is seamless to the end-user and continues to work in the background to protect the organization. It is well suited for all organizations big or small; however, false positives can appear.
Read Riccardo Francese's full review

Feature Scorecard Summary

Anti-malware (22)
7.9
Cusomizability (21)
7.0
Data Loss Protection (11)
5.9
Threat Detection (23)
8.1
Sandboxing (18)
8.2
End-to-End Encryption (13)
7.6
Management Tools (23)
7.0

About Proofpoint Targeted Attack Protection for Email

Proofpoint Targeted Attack Protection (TAP) helps organizations efficiently detect, mitigate and respond to known and unknown advanced threats that target people and VIPs through email. TAP provides unparalleled effectiveness in stopping targeted attacks that use polymorphic malware, weaponized documents and credential-stealing phishing techniques to obtain sensitive information. TAP seamlessly integrates with the Proofpoint secure email gateway (Proofpoint Email Protection) to deliver best-in-class email security in a way that is cost effective and easy to use. TAP leverages the cloud to scale deployment, adapt analysis and protect people on any network or device.

With Proofpoint Targeted Attack Protection (TAP), you can:

  • Provide sophisticated analysis to prevent threats from getting to a user's inbox.
  • Detect known and unknown threats using adaptable analysis capabilities.
  • Provide security teams detailed analysis and visibility about threats and threat campaigns.
  • Provide visibility into threats targeting the Very Attacked People (VAP) in an organization.
Categories:  Secure Email Gateway

Proofpoint Targeted Attack Protection for Email Features

Has featureProvide sophisticated analysis to prevent threats from getting to users inbox.
Has featureDetect known and unknown threats using adaptable analysis capabilities.
Has featureProvide security teams detailed analysis and visibility about threats and threat campaigns.
Has featureProvide visibility into threats targeting the Very Attacked People (VAP’s) in an organization

Proofpoint Targeted Attack Protection for Email Support Options

 Paid Version
Phone
Live Chat
Email
Forum/Community
FAQ/Knowledgebase
Video Tutorials / Webinar

Proofpoint Targeted Attack Protection for Email Technical Details

Deployment Types:On-premise, SaaS
Operating Systems: Windows, Linux, Mac
Mobile Application:No