TrustRadius
https://media.trustradius.com/product-logos/F0/xp/ZI37TT6KDWCX.JPEGProofpoint - The Proof is ThereTargeted Attack Protection (TAP) for Email is used across the entire enterprise. TAP gives us a layer of protection against the numerous attack vectors that exist in the cyberworld.,Attachment Defense. This component scans all attachments for malicious content, quarantining anything suspicious. This is a must have for any legitimate email protection product. URL Defense. With so many phishing attempts out there that try to lure the unsuspecting user into clicking a link to a malicious web site, URL Defense provide an invaluable safety net by encoding the URL and re-routing it to Proofpoint's "sandbox". If legitimate, it seamlessly redirects the user to the original URL. Despite your best efforts at education, a percentage of your end users will click the link. Knowing that TAP is sandboxing those links to test for malicious activity is protection we cannot live without. TAP Dashboard. This lets me see who's being targeted in my environment as well as provide metrics that tell me how effective the protection has been. We're able to identify our "VIP's" so that we can receive special alerets whey they come under attack.,It's a stretch for me to find something that needs improvement. If I had to put at least one thing it would relate to URL Defense. The process works great but, there are times when you have to decode the encoded URL. Currently, the only place to do that is in the TAP dashboard. To save clicks and logins, it would be nice to have that decode functionality in the Proofpoint management console. No other issues.,10,I believe this has been one of the best protection offerings we have used. It's hard to quantify an ROI on something like this but, at the same time, you cannot put a price on the safety it affords.,The only internal group that has ever looked at the TAP dashboard is IT. The information in TAP allows us to tailor special education for highly targeted users, even if all we do is let them know that they're being targeted.,TAP has met, or exceeded, our expectations. We see daily evidence of the efficacy of the solution.,Barracuda Email Security Service and Forcepoint Email Security,Duo Security,2000,3,Phishing prevention. Anti-malware. Anti-spoofing.,There were no unexpected uses for this product.,There are no additional ways this product can be used by our organization as it stands today.,10,Yes,Price Product Features Product Usability Product Reputation,I can't begin to imagine how I would change my process.,Implemented in-house,Yes,Change management was minimal,The only issues we encountered revolved around us understanding how the product worked; specifically, how it differed from our previous solutions.,10,Yes,10,Every support request I've had has been satisfactory; but, what I really like is the quarterly heath check that they do to help ensure that I've not made a policy change that will weaken my protection.,Spam detection Visus detection Email Firewall,Email Authentication Understanding how policy routes and whitelisting works.,No,9TAP has saved us multiple times against post malware threats.Proofpoint Targeted Attack Protection for Email (TAP) is being used by our entire organization as a second defense against email malware. If email malware does initially get by Proofpoint Secure email, TAP catches it and notifies us of the breach and goes further to protect us with rewritten URLs.,We receive email TAP alerts when malicious email gets past the Proofpoint Secure Email product. TAP provides very a detailed analysis of the any email malware that potentially reaches our end users. The overall reporting from TAP is very beneficial, especially the way it will compare our organization to similar organizations.,I have not found a way to automate emailing me custom reports like I can do with Proofpoint Secure email. Sometimes you have to click through multiple links to get to the details of a malware email.,9,I feel that TAP has saved us tremendous amounts money guarding us against phishing attacks. TAP's spoof intelligence has also protected our end users.,Our security IT team has used threat insight as a way to protect and educate our very attacked persons (VAP).,Yes, TAP has met and often times exceeded my expectations for protection.,Microsoft Enterprise Mobility + Security and Microsoft Cloud App Security,Windows Defender Advanced Threat Protection (Hexadite AIRS), Microsoft Cloud App Security, Microsoft 365 BusinessSave your money and find something elseWe purchased this for our full-time fac/staff and attempted to get this for our students as 'included' since they slipped by our legal to not include our students first off. We had to pay a ton to get the students included. Also, EOP based AV does a better job of blocking bad attachments. The best use case I can give you is if you put the phishing link inside a PDF TAP, it will send it on clean. MS AV will catch it every time. I watch the TAP alerts on misses, and I will pull the message with Get-Messagetrace and its details; sure enough, it got caught there!,Slowing down mail flow for scanning. Limiting to a specific sub group of your org. Sending lots of mail unthrottled by default.,Stopping bad mail. Hashing spam emails in a more efficient way.,1,Our users complained for months that they were getting more spam then our old solution. The digest was confusing especially combining 365 filters. It resulted in large numbers of tickets to track mail.,Executives that were mesmerized by the new shiny object without proof of concept or testing it first.,Absolutely NOT!! We purchased this for our full-time fac/staff and attempted to get this for our students as 'included' since they slipped by our legal to not include our students first off. We had to pay a ton to get the students included. Also, EOP based AV does a better job of blocking bad attachments. The best use case I can give you is if you put the phishing link inside a PDF TAP, it will send it on clean. MS AV will catch it every time. I watch the TAP alerts on misses, and I will pull the message with Get-Messagetrace and its details; sure enough, it got caught there!,Microsoft 365 Business, Windows Defender Advanced Threat Protection (Hexadite AIRS) and Barracuda Email Security Service,Windows Defender Advanced Threat Protection (Hexadite AIRS), Barracuda Email Security ServiceTAPping into your infosec capabilities with Proofpoint Targeted Attack ProtectionThe Infosec team uses TAP to be alerted when threats occur, compromises may have happened, and actions may need to be taken. It gives us insight into the attacks that have occurred, a lot of background on them (if available), and who was targeted and who fell for the attacks. It helps us protect the company from attacks and quickly resolve them.,TAP allows administrators and authorized users to effectively analyze threats and identify all targets. The tracking (did a user open an email, did they click a link and how many times) and analytics are a great asset to have for any IT admin. The ability to flag specific users as VIPs or important folks you want to keep an extra measure of attention on.,Sometimes, it is difficult to determine what the threat did or the effect it had on the recipients. I think this is most difficult due to our inexperience, so I imagine this will be easier for us over time.,10,Saves IT time when an attack is successful and isn't reported in a timely manner or at all until damages are done. IT has to spend less time and effort because we are able to stop it before it spreads. Protecting business resources and assets is a huge positive impact. TAP allows us to better protect our business and information within. The only negative thing is that it doesn't automatically handle these attacks - but that is what TRAP is for! I wish Proofpoint bundled TAP and TRAP.,Infosec. Because we handle the issues from start to finish. We put the time in to resolve the issues and we gain understanding how to better protect and educate our users based on the insights we get from the Targeted Attack Protection dashboard. Because of this, we know products like Wombat will benefit us tremendously.,Yes. Unfortunately, it doesn't catch everything. But what system does? I think it is very effective.,Barracuda Email Security ServiceGreat foundational piece to any email protection strategy.This is used globally as part of our overall email hygiene program.,Easy to manage. Easy to deploy. Proven solution.,Adoption can be a problem, but only early on.,10,We suspect there are instances and the impact is positive, but hard to quantify.,Finance and executive team are constantly targeted so these found it the most useful.,It delivers what it promised. Provides world-class protection along with user behavior management and training.,Microsoft 365 Business,CylancePROTECTTAP is worth its price. It really saves time and makes your network save.TAP is an optional module for Proofpoint Email Security that can be licensed. It consists of "URL Defense" and "Attachment Defense." The first one is a mighty tool which provides security for inbound mail traffic by analyzing (and blocking) access to harmfull external URLs. 'Attachment Defense' is even mightier. As a company, you get a lot of emails with attachments, especially documents like PDFs or Microsoft Office file formats. Attachment Defense is a Sandbox cloud service provided by Proofpoint, which analyzes these files and checks if they contain bad content like malicious macros. All normal Antivirus scanners work signature-based, so they are not able to open a document like Adobe Reader or MS Office would do it. This is what Proofpoint Targeted Attack Protection does for you. Up to now, there is no other way to automatically check every attachment this way (Sandboxing).,It's a carefree solution for automatic approval of (bad) attachments. A carefree solution for automatic approval of bad URLs. Alerts for admins if the attachments or allowed URL clicks afterwards turned out to be malicious. A lot of information about malware campaigns inside the TAP Dashboard, and useful info, like who's the most attacked target in your company.,Expensive (but justified). A lot of German companies are very sensitive about their data and privacy. You have to trust Proofpoint here.,10,More Security in general! It really saves time. As admin, you don't have to deal with potentially bad stuff inside Emails anymore. You learn more about your users. For example: who is an often victim? who gets a lot of phishing mails?,Our Security Team, of course. But it's the only team inside our company which works with the threat insight/TAP Dashboard. The reason it is so valuable for us is its statistics and info about campaigns. Proofpoint (the company) collects so much data and information about spammers and malware. Most of this research is put inside the Threat Insight portal, and therefore we can profit from Proofpoint's knowledge.,In most cases, Targeted Attack Protection works well and does a good job. However, I had a case in the past where an attacker has put malware inside an ISO file, which has not been detected by TAP. My wish is that TAP supports more archive formats in the future.,,Palo Alto Networks Next-Generation Firewalls - PA Series, Palo Alto Networks Threat Protection, Palo Alto Networks Traps, Palo Alto Networks URL Filtering PAN-DB, Palo Alto Networks WildFire, KeePass, WiresharkProofpoint TAP ReviewProofpoint TAP is used as part of our email security strategy. Inbound emails are scanned by TAP for malicious attachments, links, and other indicators of compromise. Proofpoint TAP logs feed into our SIEM for investigation and correlation against other log data. TAP can also be used to input IOCs like URLS so that the emails are blocked before entering the environment. Today we receive two types of alerts from TAP, one lets you know that Proofpoint now recognizes this email to be malicious and the analysts can investigate and remediate. The second type of alert is that an individual has clicked on a link that is known bad. Then the analysts can search logs for if the user successfully made it to the website and input any data.,Block malicious and phishing emails Alert of now known to be bad emails Threat intelligence for tracking campaigns Metrics and dashboards around email activity,Ability to block additional IOCS instead of just URL Ability to integrate with threat intelligence platforms What they label as a false positive is not always a false positive,8,It has had a positive impact of reducing the time it takes to investigate bad emails It has provided meaningful metrics and dashboards for leadership It has provided meaningful log data to feed into the SIEM for correlation,The CyberSecurity Operations Center finds Targeted Attack Protection most valuable for the pure reason of alerting, investigating, and remediating malicious, suspicious, and/or phishing emails. The analysts can view information about the email from the GUI, view the sandbox report, see all individuals who received the email, and take the next steps.,Proofpoint Targeted Attack Protection meets most of my expectations for protecting against threats such as malware. It does stop and catch a majority of emails that have bad attachments. It could be better at analyzing and blocking URL threats. It sometimes does categorize something as a false positive. For example, if the URL is fjdksfjadsk[.]sharepoint[.]com it will label it as a false positive because sharepoint itself is good. But anyone can go and stand up a site on sharepoint and use it for malicious purposes.,Microsoft Office 365 and FireEye Email SecurityA useful addition to a solid email security productProofpoint Targeted Attack Protection's primary use for us is the URL rewriting feature, which allows sites linked to in emails to get scanned by Proofpoint before allowing users to visit them. We use this feature for all users across our organization and it is one of our primary defenses against phishing.,Post-detection of malicious web-based attacks Trending of types of attacks against our organization,URL rewrite feature makes URLs very ugly and sometimes makes users more suspicious,9,Proofpoint Targeted Attack Protection for Email is yet another dashboard for the SOC to watch and respond to, consuming analyst time and brain cycles.,Our Incident Response team has seen the most benefit from the dashboard because it helps visualize what kinds of attacks are coming in and where they're going. It's easier to fight a known enemy than an unknown one.,Mostly, yes. Proofpoint Targeted Attack Protection is able to send suspect attachments to a sandbox for further analysis but depending on configuration it may still allow messages through while this is happening. Sometimes this can lead to realizing bad attachments got through to users mailboxes.,Proofpoint Targeted Attack Protection, 2 Thumbs Up!Proofpoint TAP is used across our entire organization and it addresses the problem of users clicking on malicious URLs or attachments. We get alerted in every instance and with the TAP dashboard we can see targeted users and information on the threats coming at us. Reporting and VIP user options are great!,URL rewriting, so clicks are protected from the start Attachment sandboxing, attachments are vetted for threats Integration with Proofpoint TRAP for auto-pull of messages,Perhaps a bit more reporting would be beneficial,10,Nothing but positive, we have stopped 98% of threats targeted against us in recent months We can see specific users being targeted and the campaigns we see more of,Our IT security team has found it most valuable because we can see what is targeting us and prepare our users.,It has above and beyond met our expectations.,Microsoft Office 365,Snagit, SlackProofpoint TAP is Awesome!Proofpoint Targeted Attack Protection (TAP) is guarding against ransomware and defending us with URL filtering to ensure we don't get e-mail messages that could hurt our organization. Over the past year alone we have received several messages from some of the firms we deal with and they were infected with a virus and TAP guarded us against this.,URL Filtering / URL Defense Machine Learning Ransomware Prevention,False Positives,10,Guarding against Ransomware Guarding against fake domains,Our IT and Third-party IT uses TAP to ensure we are protected.,Yes it met our expectations 100%. It has handled past and present attacks and we know it will guard against future attacks. The machine learning portion of TAP is always ensuring our protection.Email's Best DefenseProofpoint Targeted Attack Protection for Email is deployed to our entire email domain. It protects our end users and our network from threats with opening infected attachments (malware) and clicking on phishing emails. This prevents the remediation effort needed to handle situations where users infected their machine and/or network with malware, or fall victim to a phishing attack.,Block phishing sites when users click on malicious links in their emails Block malicious attachments Proofpoint Dynamic Reputation is its machine-learning to learn which IP addresses may be compromised to send spam (like part of a botnet) and block them,The administration interface can be updated with improved navigation. Proofpoint does not recommend saving attachments in quarantine which creates an issue when there are false-positives. We cannot release a false-positive since it is not saved due to affecting performance of Proofpoint product when the database gets too big. It requires a good amount of time and effort to get familiar with Proofpoint system administration.,9,Avoid situations where users clicked on a phishing link in their email Prevent opening an infected or malware attachment which can impact the entire network Provide a much needed IT security strategy,Our leadership team finds the threat insight dashboard report informative and affirming that the Proofpoint product is a necessity to information and network security. Our help desk and support groups finds it useful to gauge what threats are out there. It gives everyone a wake up call that there are many email threats out there and we need to continue to be vigilant in safeguarding our emails, our network and our users.,Yes, it has blocked malware, including ransomware. There were times where ransomware, such as WannaCry, are proliferating on the internet. Our leadership team have heard on the news and wanted to know how we can be protected. We just tell them not to worry because we have Proofpoint Targeted Attack Protection for Email in place.,,Proofpoint Email Encryption, Proofpoint Email Data Loss Prevention, Proofpoint Email Fraud DefenseTAP protection helps users not get tapped by malicious linksWe use Proofpoint Targeted Attack Protection (TAP) company-wide. It solves for us web links that were good at the time the email was sent in, then the website becomes malicious later or is found to be malicious later. TAP identifies and alerts us about the users that have clicked the link that went from good to bad, when they clicked it an how often. That information saves us a ton of wondering who did what, how often and who is affected. It focuses our efforts on the correct people.,Re-evaluates web links on an on-going basis to see if the links were good and have been changed to bad. Identifies specific users and alerts us regarding who clicked the now bad links and were not blocked prior to discovery of malicious code. Gives us the ability to identify VIP users that may be especially vulnerable to attack and take additional action on them.,Proofpoint needs to get a single sign-on for all the different portals.,10,Positive ROI through better use of my technicians - we can determine who clicked any bad links and when. Positive ROI - Even though malicious links that were good became bad - we know we don't have to track down the email users and prevent them from clicking. We can just email them and tell them not to click it and delete it, if they don't - the software protects them anyway.,I've found in IT the insight dashboard to be valuable - we can determine who is getting phished most often and getting the bad links. From there we can target our phishing training and provide more targeted training for those individuals. We can also tell if someone is signing up for nefarious sites or their email has been spread everywhere based on volume coming into them.,It met the bulk of my expectations. In terms of protection - 100% great. The only area I think it falls short is where it gives you statistics on URL's "not re-written". I just haven't figured out what that counter is for. I believe all my URLs are being re-written. Support didn't give me a great answer to that question. I can't imagine NOT using it.,McAfee Email Gateway and Proofpoint Essentials for Small BusinessProofpoint Targeted Attack ProtectionProofpoint Targeted Attack Protection for Email is being used by our organization to identify malicious email campaigns and which users that it might affect. It is being used across the whole organization, and identifies the VAPs (Very Attacked People) as well as VIP users, to narrow down our focus during an investigation into an incident.,Identify whether an email was received or blocked by a user. Identify whether a malicious link in an email was clicked on or not. Listing of the severity of the campaign, as well as the spread (how many other customers were affected). Cloud integration ( in progress).,Integrating the GUI with the Email Security Admin portal (instead of two different logins).,10,Decrease investigation time for an incident. Better visibility into our threat landscape.,The information security operations team finds it valuable because they manage the email security infrastructure (Targeted Attack Protection complements the Email Security and Protection solution).,Proofpoint Targeted Attack Protection for Email does very well to identify advanced email threats that aren't necessarily identified by the Proofpoint Email Security and Protection solution, and in turn is complemented by the Threat Response Auto-pull feature (to remove emails from a user's inbox if it was delivered, but through further analysis deemed actually part of a malicious campaign).,Proofpoint Email Security and Protection, Proofpoint Email Fraud Defense, Proofpoint Threat Response Auto-Pull,Identify potentially malicious emails that were delivered or blocked. Identifying links in an email that were clicked on (and permitted or not). Identify email campaigns affecting our organization.,10,No,Product Features Product Usability Product Reputation Vendor Reputation,Implemented in-house,No,Change management was a small part of the implementation and was well-handled,10,9,No,9A necessity most enterprises can't live without.We utilize Proofpoint's Targeted Attack Protection services to protect our entire enterprise of over 18,000 individuals. One of the highest risk attacks we've been dealing with is that of the ever evolving "phishing" and ransomware/malware type attacks. Proofpoint's services have provided solid protection to our organization minimizing that risk, along with providing us with a high level of insight into the threats.,The URL Defense components having greatly reduced the risk associated with "phishing" attacks and malicious web sites. The Attachment Defense components have also reduced the amount of malware (including zero day type attacks) actually getting to our clients systems. The services are fairly simple to implement and provide enough flexibility to tailor them to address specific security policies. The level of threat analysis is extremely high compared to some of Proofpoint's competitors making this a "goto" product for people who want a solid product to protect their enterprise. The on-going implementation has been extremely stable with minimal service outages. Accuracy is definitely one of Proofpoint's strong points and we have experienced very few false positives.,The only real area that needs improvement is the customer specific definitions for blocked URL's in terms of providing more flexibility in using more specific pattern matching expressions. Pretty certain this will be resolved shortly. Cost is always a factor and given that this type of service is almost a necessity these days, their cost is a bit on the high end.,9,This really boils down to what is the cost to an organization related to data leakage associated with compromised credentials? Phishing attacks continue to be on the rise and are getting increasingly sophisticated. The Proofpoint TAP services provide a solid platform to mitigate this type of threat. Compromised accounts where are the then used for outbound attacks or spamming never look good when they are originating from your domain. How much is one's reputation worth?,Our central IT services manage the services which also includes our central IT security organization. We are routinely evaluating the threat landscape based in the insight dashboard to adjust our security focus as needed.,The Proofpoint TAP services have definitely met our expectations in terms of mitigating malware threats from getting to our enterprise managed systems. Overall we've had a very low occurrence of malware infections since deploying the services.,,Duo Security, Ping Identity PlatformProofPoint Targeted Attack Protection- The best protection you can buy!We are using Targeted Attack Protection (TAP) to supplement the normal spam/viral email detection. TAP rewrites URLs to protect us and notify if a site is weaponized after delivery. Also, if an attachment needs further analysis TAP provides that service. We act on alerts by sending [them] to users and IT administrators to research the problem. Also we regularly use the TAP dashboard to see what is happening in our environment.,It is great and alerting us to who has clicked on a URL that could be a problem. Also it prevents sophisticated files that would bypass traditional antivirus. URL writing is a great protection for our users. We have visibility who is hit by any malicious email campaign.,Sometimes alerts are hard to read. Automatic removal of messages should be included in the product. It is costly...if it was part of the base product and all email gateway customers the cost should be lower. In the end a C level person doesn't care if a message was stopped (or allowed) because of a separate component.,10,Stopped infections. Stopped phishing Increased visibility to email.,The only groups that has access is IT. We forward alerts to users, but only the IT group has access.,It has exceeded our expectations. We had a very poor performing email gateway that didn't do the job very well so I can't compare it to other. Proofpoint is a modern solution that I feel protects our users very well.,Mimecast Secure Email Gateway,Microsoft Exchange, Snagit, LogMeIn Rescue, VMware ESXi, Nutanix
Windows, Linux, Mac
Proofpoint Targeted Attack Protection for Email
20 Ratings
Score 9.3 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

Proofpoint Targeted Attack Protection for Email Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
Proofpoint Targeted Attack Protection for Email
20 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 9.3 out of 101
Show Filters 
Hide Filters 
Filter 20 vetted Proofpoint Targeted Attack Protection for Email reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role

Reviews (1-15 of 15)

  Vendors can't alter or remove reviews. Here's why.
Jerry Robinson profile photo
June 21, 2019

Proofpoint Targeted Attack Protection for Email Review: "Proofpoint - The Proof is There"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Targeted Attack Protection (TAP) for Email is used across the entire enterprise. TAP gives us a layer of protection against the numerous attack vectors that exist in the cyberworld.
  • Attachment Defense. This component scans all attachments for malicious content, quarantining anything suspicious. This is a must have for any legitimate email protection product.
  • URL Defense. With so many phishing attempts out there that try to lure the unsuspecting user into clicking a link to a malicious web site, URL Defense provide an invaluable safety net by encoding the URL and re-routing it to Proofpoint's "sandbox". If legitimate, it seamlessly redirects the user to the original URL. Despite your best efforts at education, a percentage of your end users will click the link. Knowing that TAP is sandboxing those links to test for malicious activity is protection we cannot live without.
  • TAP Dashboard. This lets me see who's being targeted in my environment as well as provide metrics that tell me how effective the protection has been. We're able to identify our "VIP's" so that we can receive special alerets whey they come under attack.
  • It's a stretch for me to find something that needs improvement. If I had to put at least one thing it would relate to URL Defense. The process works great but, there are times when you have to decode the encoded URL. Currently, the only place to do that is in the TAP dashboard. To save clicks and logins, it would be nice to have that decode functionality in the Proofpoint management console.
  • No other issues.
I believe TAP is well suited for all scenarios but some organizations may wish to implement part, or all, of TAP for specific departments. That can be done by AD group membership.
Read Jerry Robinson's full review
Chris Bash profile photo
April 15, 2019

Review: "TAP has saved us multiple times against post malware threats."

Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection for Email (TAP) is being used by our entire organization as a second defense against email malware. If email malware does initially get by Proofpoint Secure email, TAP catches it and notifies us of the breach and goes further to protect us with rewritten URLs.
  • We receive email TAP alerts when malicious email gets past the Proofpoint Secure Email product.
  • TAP provides very a detailed analysis of the any email malware that potentially reaches our end users.
  • The overall reporting from TAP is very beneficial, especially the way it will compare our organization to similar organizations.
  • I have not found a way to automate emailing me custom reports like I can do with Proofpoint Secure email.
  • Sometimes you have to click through multiple links to get to the details of a malware email.
TAP alert email notifications have become very valuable when malware gets by Proofpoint's Secure email product. With the notifications we can quickly remediate email malware that has reached end users.
Read Chris Bash's full review
No photo available
July 19, 2019

Proofpoint Targeted Attack Protection for Email Review: "Save your money and find something else"

Score 1 out of 10
Vetted Review
Verified User
Review Source
We purchased this for our full-time fac/staff and attempted to get this for our students as 'included' since they slipped by our legal to not include our students first off. We had to pay a ton to get the students included. Also, EOP based AV does a better job of blocking bad attachments. The best use case I can give you is if you put the phishing link inside a PDF TAP, it will send it on clean. MS AV will catch it every time. I watch the TAP alerts on misses, and I will pull the message with Get-Messagetrace and its details; sure enough, it got caught there!
  • Slowing down mail flow for scanning.
  • Limiting to a specific sub group of your org.
  • Sending lots of mail unthrottled by default.
  • Stopping bad mail.
  • Hashing spam emails in a more efficient way.
Very useful for a very small organization where scaling and learning algorithms have a standing chance to work. It's places that receive 1 million messages a day and have to try to provide infrastructure as a service, i.e. many independent domains trying to be self-managed, that are challenging for this product.
Read this authenticated review
No photo available
April 18, 2019

Review: "TAPping into your infosec capabilities with Proofpoint Targeted Attack Protection"

Score 10 out of 10
Vetted Review
Verified User
Review Source
The Infosec team uses TAP to be alerted when threats occur, compromises may have happened, and actions may need to be taken. It gives us insight into the attacks that have occurred, a lot of background on them (if available), and who was targeted and who fell for the attacks. It helps us protect the company from attacks and quickly resolve them.
  • TAP allows administrators and authorized users to effectively analyze threats and identify all targets.
  • The tracking (did a user open an email, did they click a link and how many times) and analytics are a great asset to have for any IT admin.
  • The ability to flag specific users as VIPs or important folks you want to keep an extra measure of attention on.
  • Sometimes, it is difficult to determine what the threat did or the effect it had on the recipients. I think this is most difficult due to our inexperience, so I imagine this will be easier for us over time.
I receive an email notification when someone clicks on a link in an email that originally was not a threat, but was later activated/determined by TAP to be malicious. This helps me to quickly jump into an event that may never get reported by the user. Multiple times I've reached out to the user before they said anything because they just thought the link was broken and ignored it. Or, they might have tried their credentials in a phishing scam and since it didn't work, simply emailed the attacker (unbeknownst to our user) that the credentials didn't work. User reporting is generally too slow and TAP allows infosec to quickly take action and often stop attacks before they can do any damage.
Read this authenticated review
No photo available
July 19, 2019

Proofpoint Targeted Attack Protection for Email: "Great foundational piece to any email protection strategy."

Score 10 out of 10
Vetted Review
Verified User
Review Source
This is used globally as part of our overall email hygiene program.
  • Easy to manage.
  • Easy to deploy.
  • Proven solution.
  • Adoption can be a problem, but only early on.
This, for us, is the leading platform to build as part of our overall email security program.
Read this authenticated review
No photo available
July 17, 2019

Review: "TAP is worth its price. It really saves time and makes your network save."

Score 10 out of 10
Vetted Review
Reseller
Review Source
TAP is an optional module for Proofpoint Email Security that can be licensed. It consists of "URL Defense" and "Attachment Defense." The first one is a mighty tool which provides security for inbound mail traffic by analyzing (and blocking) access to harmfull external URLs. 'Attachment Defense' is even mightier. As a company, you get a lot of emails with attachments, especially documents like PDFs or Microsoft Office file formats. Attachment Defense is a Sandbox cloud service provided by Proofpoint, which analyzes these files and checks if they contain bad content like malicious macros. All normal Antivirus scanners work signature-based, so they are not able to open a document like Adobe Reader or MS Office would do it. This is what Proofpoint Targeted Attack Protection does for you. Up to now, there is no other way to automatically check every attachment this way (Sandboxing).
  • It's a carefree solution for automatic approval of (bad) attachments.
  • A carefree solution for automatic approval of bad URLs.
  • Alerts for admins if the attachments or allowed URL clicks afterwards turned out to be malicious.
  • A lot of information about malware campaigns inside the TAP Dashboard, and useful info, like who's the most attacked target in your company.
  • Expensive (but justified).
  • A lot of German companies are very sensitive about their data and privacy. You have to trust Proofpoint here.
It is (of course) well suited if you have a lot of mail traffic which contains attachments and external URLs. In general, Proofpoint Targeted Attack Protection will suit you if your users have no sense of security, and if they click on every link without thinking for a second if a mail looks legitimate or not. Better safe than sorry!
Read this authenticated review
No photo available
June 21, 2019

"Proofpoint TAP Review"

Score 8 out of 10
Vetted Review
Verified User
Review Source
Proofpoint TAP is used as part of our email security strategy. Inbound emails are scanned by TAP for malicious attachments, links, and other indicators of compromise. Proofpoint TAP logs feed into our SIEM for investigation and correlation against other log data. TAP can also be used to input IOCs like URLS so that the emails are blocked before entering the environment. Today we receive two types of alerts from TAP, one lets you know that Proofpoint now recognizes this email to be malicious and the analysts can investigate and remediate. The second type of alert is that an individual has clicked on a link that is known bad. Then the analysts can search logs for if the user successfully made it to the website and input any data.
  • Block malicious and phishing emails
  • Alert of now known to be bad emails
  • Threat intelligence for tracking campaigns
  • Metrics and dashboards around email activity
  • Ability to block additional IOCS instead of just URL
  • Ability to integrate with threat intelligence platforms
  • What they label as a false positive is not always a false positive
Proofpoint TAP is well suited to guide in investigation of malicious or phishing emails. It allows you to track the campaign and see the top email threats attacking your environment. You can input VIP level users for enhanced reporting. The ability to view a sandbox report with details of what the link or attachment does is useful.
Read this authenticated review
No photo available
May 14, 2019

Proofpoint Targeted Attack Protection for Email Review: "A useful addition to a solid email security product"

Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection's primary use for us is the URL rewriting feature, which allows sites linked to in emails to get scanned by Proofpoint before allowing users to visit them. We use this feature for all users across our organization and it is one of our primary defenses against phishing.
  • Post-detection of malicious web-based attacks
  • Trending of types of attacks against our organization
  • URL rewrite feature makes URLs very ugly and sometimes makes users more suspicious
Proofpoint Targeted Attack Protection is great for helping leadership understand how other organizations are being attacked and how similar those attacks are or aren't to ours. The historical data that it provides about attacks, campaigns, and tactics can help leaders and managers understand why we make the changes we do to our email security posture.
Read this authenticated review
No photo available
April 19, 2019

Proofpoint Targeted Attack Protection for Email Review: "Proofpoint Targeted Attack Protection, 2 Thumbs Up!"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Proofpoint TAP is used across our entire organization and it addresses the problem of users clicking on malicious URLs or attachments. We get alerted in every instance and with the TAP dashboard we can see targeted users and information on the threats coming at us. Reporting and VIP user options are great!
  • URL rewriting, so clicks are protected from the start
  • Attachment sandboxing, attachments are vetted for threats
  • Integration with Proofpoint TRAP for auto-pull of messages
  • Perhaps a bit more reporting would be beneficial
[For] The new campaigns out there that are credential stealing - the url rewrite function is very beneficial. When a user has clicked [on them] you are able to see it in the TAP dashboard along with other users targeted.
Read this authenticated review
Riccardo Francese profile photo
November 23, 2018

User Review: "Proofpoint TAP is Awesome!"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection (TAP) is guarding against ransomware and defending us with URL filtering to ensure we don't get e-mail messages that could hurt our organization. Over the past year alone we have received several messages from some of the firms we deal with and they were infected with a virus and TAP guarded us against this.
  • URL Filtering / URL Defense
  • Machine Learning
  • Ransomware Prevention
  • False Positives
Proofpoint TAP is seamless to the end-user and continues to work in the background to protect the organization. It is well suited for all organizations big or small; however, false positives can appear.
Read Riccardo Francese's full review
No photo available
January 18, 2019

Proofpoint Targeted Attack Protection for Email Review: "Email's Best Defense"

Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection for Email is deployed to our entire email domain. It protects our end users and our network from threats with opening infected attachments (malware) and clicking on phishing emails. This prevents the remediation effort needed to handle situations where users infected their machine and/or network with malware, or fall victim to a phishing attack.
  • Block phishing sites when users click on malicious links in their emails
  • Block malicious attachments
  • Proofpoint Dynamic Reputation is its machine-learning to learn which IP addresses may be compromised to send spam (like part of a botnet) and block them
  • The administration interface can be updated with improved navigation.
  • Proofpoint does not recommend saving attachments in quarantine which creates an issue when there are false-positives. We cannot release a false-positive since it is not saved due to affecting performance of Proofpoint product when the database gets too big.
  • It requires a good amount of time and effort to get familiar with Proofpoint system administration.
Proofpoint Targeted Attack Protection for Email is well suited for saving time and resources for IT staff from having to handle situations where users clicked on a phishing link in their email and fall victim to it and opening an infected or malware attachment which can impact the entire network and harm the endpoint device. It saves from potential remediation and clean-up work which can be significant to IT organizations.
Read this authenticated review
No photo available
December 13, 2018

Review: "TAP protection helps users not get tapped by malicious links"

Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Proofpoint Targeted Attack Protection (TAP) company-wide. It solves for us web links that were good at the time the email was sent in, then the website becomes malicious later or is found to be malicious later. TAP identifies and alerts us about the users that have clicked the link that went from good to bad, when they clicked it an how often. That information saves us a ton of wondering who did what, how often and who is affected. It focuses our efforts on the correct people.
  • Re-evaluates web links on an on-going basis to see if the links were good and have been changed to bad.
  • Identifies specific users and alerts us regarding who clicked the now bad links and were not blocked prior to discovery of malicious code.
  • Gives us the ability to identify VIP users that may be especially vulnerable to attack and take additional action on them.
  • Proofpoint needs to get a single sign-on for all the different portals.
I've found it suited to our entire environment. It has proved to be a good layer of protection for email links.
Read this authenticated review
No photo available
December 08, 2018

Proofpoint Targeted Attack Protection for Email Review: "Proofpoint Targeted Attack Protection"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Targeted Attack Protection for Email is being used by our organization to identify malicious email campaigns and which users that it might affect. It is being used across the whole organization, and identifies the VAPs (Very Attacked People) as well as VIP users, to narrow down our focus during an investigation into an incident.
  • Identify whether an email was received or blocked by a user.
  • Identify whether a malicious link in an email was clicked on or not.
  • Listing of the severity of the campaign, as well as the spread (how many other customers were affected).
  • Cloud integration ( in progress).
  • Integrating the GUI with the Email Security Admin portal (instead of two different logins).
Proofpoint Targeted Attack Protection for Email is good for identifying malicious email campaigns, and whether a user might be affected by this (if they clicked any links in the email). We can also see whether this was a broad email campaign or specifically targeted towards our company or a certain industry, or possibly specific users.
Read this authenticated review
No photo available
December 10, 2018

Proofpoint Targeted Attack Protection for Email Review: "A necessity most enterprises can't live without."

Score 9 out of 10
Vetted Review
Verified User
Review Source
We utilize Proofpoint's Targeted Attack Protection services to protect our entire enterprise of over 18,000 individuals. One of the highest risk attacks we've been dealing with is that of the ever evolving "phishing" and ransomware/malware type attacks. Proofpoint's services have provided solid protection to our organization minimizing that risk, along with providing us with a high level of insight into the threats.
  • The URL Defense components having greatly reduced the risk associated with "phishing" attacks and malicious web sites.
  • The Attachment Defense components have also reduced the amount of malware (including zero day type attacks) actually getting to our clients systems.
  • The services are fairly simple to implement and provide enough flexibility to tailor them to address specific security policies.
  • The level of threat analysis is extremely high compared to some of Proofpoint's competitors making this a "goto" product for people who want a solid product to protect their enterprise. The on-going implementation has been extremely stable with minimal service outages.
  • Accuracy is definitely one of Proofpoint's strong points and we have experienced very few false positives.
  • The only real area that needs improvement is the customer specific definitions for blocked URL's in terms of providing more flexibility in using more specific pattern matching expressions. Pretty certain this will be resolved shortly.
  • Cost is always a factor and given that this type of service is almost a necessity these days, their cost is a bit on the high end.
The product is definitely well suited for any type of enterprise e-mail services whether hosted or on-premises. Again, the insight provided by their product and the high level of accuracy in detecting and mitigating threats make this a must have product.
Read this authenticated review
No photo available
November 17, 2018

Proofpoint Targeted Attack Protection for Email Review: "ProofPoint Targeted Attack Protection- The best protection you can buy!"

Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using Targeted Attack Protection (TAP) to supplement the normal spam/viral email detection. TAP rewrites URLs to protect us and notify if a site is weaponized after delivery. Also, if an attachment needs further analysis TAP provides that service. We act on alerts by sending [them] to users and IT administrators to research the problem. Also we regularly use the TAP dashboard to see what is happening in our environment.
  • It is great and alerting us to who has clicked on a URL that could be a problem.
  • Also it prevents sophisticated files that would bypass traditional antivirus.
  • URL writing is a great protection for our users.
  • We have visibility who is hit by any malicious email campaign.
  • Sometimes alerts are hard to read.
  • Automatic removal of messages should be included in the product.
  • It is costly...if it was part of the base product and all email gateway customers the cost should be lower. In the end a C level person doesn't care if a message was stopped (or allowed) because of a separate component.
It protects users from advanced attacks either with files or URLs exceptionally well. I feel like its a mandatory component and wish it was included in the spam/virus product. In a high security company where attachments were blocked it would not be necessary. Overall there are many more positives than negatives from Targeted Attack Protection.
Read this authenticated review

Feature Scorecard Summary

Anti-malware (5)
6.9
Cusomizability (5)
6.8
Data Loss Protection (3)
4.3
Threat Detection (5)
7.1
Sandboxing (5)
7.9
End-to-End Encryption (3)
6.2
Management Tools (5)
6.3

About Proofpoint Targeted Attack Protection for Email

Proofpoint Targeted Attack Protection (TAP) helps organizations efficiently detect, mitigate and respond to known and unknown advanced threats that target people and VIPs through email. TAP provides unparalleled effectiveness in stopping targeted attacks that use polymorphic malware, weaponized documents and credential-stealing phishing techniques to obtain sensitive information. TAP seamlessly integrates with the Proofpoint secure email gateway (Proofpoint Email Protection) to deliver best-in-class email security in a way that is cost effective and easy to use. TAP leverages the cloud to scale deployment, adapt analysis and protect people on any network or device.

With Proofpoint Targeted Attack Protection (TAP), you can:

  • Provide sophisticated analysis to prevent threats from getting to a user's inbox.
  • Detect known and unknown threats using adaptable analysis capabilities.
  • Provide security teams detailed analysis and visibility about threats and threat campaigns.
  • Provide visibility into threats targeting the Very Attacked People (VAP) in an organization.
Categories:  Secure Email Gateway

Proofpoint Targeted Attack Protection for Email Features

Has featureProvide sophisticated analysis to prevent threats from getting to users inbox.
Has featureDetect known and unknown threats using adaptable analysis capabilities.
Has featureProvide security teams detailed analysis and visibility about threats and threat campaigns.
Has featureProvide visibility into threats targeting the Very Attacked People (VAP’s) in an organization

Proofpoint Targeted Attack Protection for Email Support Options

 Paid Version
Phone
Live Chat
Email
Forum/Community
FAQ/Knowledgebase
Video Tutorials / Webinar

Proofpoint Targeted Attack Protection for Email Technical Details

Deployment Types:On-premise, SaaS
Operating Systems: Windows, Linux, Mac
Mobile Application:No