Proofpoint TAP - Critical for Email Security
Proofpoint Targeted Attack Protection (TAP) is very helpful in detecting threats that come through mail. It keeps track of URL accessed …
Overview
What is Proofpoint Targeted Attack Protection (TAP)?
Proofpoint Targeted Attack Protection (TAP) helps organizations efficiently detect, mitigate and respond to known and unknown advanced threats that target people and VIPs through email. TAP provides unparalleled effectiveness in stopping targeted attacks that use polymorphic malware, weaponized documents and…
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Reviewer Pros & Cons
Pricing
N/A
Unavailable
What is Proofpoint Targeted Attack Protection (TAP)?
Proofpoint Targeted Attack Protection (TAP) helps organizations efficiently detect, mitigate and respond to known and unknown advanced threats that target people and VIPs through email. TAP provides unparalleled effectiveness in stopping targeted attacks that use polymorphic malware, weaponized…
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
13 people also want pricing
Alternatives Pricing
What is Avanan?
Avanan, from Check Point since the August 2021 acquisition, connects security technologies to enterprise cloud applications in order to improve protection of sensitive corporate data and IP. According to the vendor, Avanan's one-click deployment allows customers to deploy a new security solution in…
What is KnowBe4 PhishER/PhishER Plus?
PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security…
Product Details
- About
- Tech Details
What is Proofpoint Targeted Attack Protection (TAP)?
Proofpoint Targeted Attack Protection (TAP) helps organizations efficiently detect, mitigate and respond to known and unknown advanced threats that target people and VIPs through email. TAP provides unparalleled effectiveness in stopping targeted attacks that use polymorphic malware, weaponized documents and credential-stealing phishing techniques to obtain sensitive information. TAP seamlessly integrates with the Proofpoint secure email gateway (Proofpoint Email Protection) to deliver best-in-class email security in a way that is cost effective and easy to use. TAP leverages the cloud to scale deployment, adapt analysis and protect people on any network or device.
With Proofpoint Targeted Attack Protection (TAP), you can:
- Provide sophisticated analysis to prevent threats from getting to a user's inbox.
- Detect known and unknown threats using adaptable analysis capabilities.
- Provide security teams detailed analysis and visibility about threats and threat campaigns.
- Provide visibility into threats targeting the Very Attacked People (VAP) in an organization.
Proofpoint Targeted Attack Protection (TAP) Features
- Supported: Provide sophisticated analysis to prevent threats from getting to users inbox.
- Supported: Detect known and unknown threats using adaptable analysis capabilities.
- Supported: Provide security teams detailed analysis and visibility about threats and threat campaigns.
- Supported: Provide visibility into threats targeting the Very Attacked People (VAP’s) in an organization
Proofpoint Targeted Attack Protection (TAP) Technical Details
| Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Windows, Linux, Mac |
| Mobile Application | No |
Comparisons
Compare with
Reviews and Ratings
(65)
Community Insights
TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!
- Pros
- Cons
Effective URL Blocking: Several users have praised Proofpoint TAP for its effective URL Blocking feature, which has prevented malicious URLs from infiltrating their systems. This feature not only alerts users about potential compromises but also provides concise threat context, enabling them to understand the nature of the threats they face.
Integration with Proofpoint TRAP: Many reviewers have valued the seamless integration between TAP and Proofpoint TRAP. By combining these two solutions, users are able to streamline their workflow and enhance security measures. The integration detects spam and phishing emails, providing an added layer of protection against cyber threats.
Accurate Attachment Detonation: Users have expressed high satisfaction with TAP's sandbox attachment detonation feature. This functionality effectively vets attachments for threats, allowing users to confidently analyze email attachments without risking system compromise. The ability to detect malicious attachments and boast a false positive rate of less than 0.001% over three years has been particularly impressive to reviewers.
Cumbersome Admin Web GUI: Users have mentioned that the admin web GUI is difficult to navigate and understand, leading to a steep learning curve. Several reviewers expressed frustration with the unclear interface and the need to constantly stay updated on new features.
Lack of Communication on New Features: Users have expressed frustration with Proofpoint's lack of communication when new features are added to their toolbox. Some users felt left in the dark about updates and wished for better transparency from the company.
Difficulty in Automating Custom Report Emails: Several users mentioned the inability to automate custom report emails like with Proofpoint Secure email. This inconvenience makes it time-consuming for administrators who rely on automated reports for efficient management.
Attribute Ratings
Reviews
(1-16 of 16)Companies can't remove reviews or game the system. Here's why
April 01, 2021
Proofpoint TAP a product that just works!
Proofpoint Targeted Attack Protection is a rock solid application that just works.
- Anti Spam
- Anti Malware
- Upgrades on the on-premise version can sometimes fail to install
January 23, 2020
Proofpoint TAP is powerful but expensive
Proofpoint TAP is used on a shared service mail gateway cluster by our outsourcing services clients. The URL protection prevents users from open websites with malware content. The attachment analyzer is able to detect malware in email content before the mail enters the client's environment and before the standard antispam engine checks the attachment.
- URL protection with a cloud-based Proofpoint database.
- Attachment analysis and removal of potentially dangerous content.
- Support for different languages in international environments for URL protection functions.
We use Proofpoint Targeted Attack Protection for our entire organization. Our security team uses it every day to look into/analyze different threats that we are seeing coming into our network via email. We have the alerts set up to get us looking into the "critical" events, but we can use the data in the platform every day. It helps us realize how well Proofpoint Email Security is doing, and provides great stats/numbers for us to give to management to show what has been accomplished.
- Usability - The product is very easy to use, and begins giving a lot of valuable information immediately.
- Detail - The amount of detail for each threat is great, and helps us with "proving" there may be a problem somewhere.
- Defense - The URL rewrite function and sandbox function are great, and we saw immediate return from just those.
- Sandboxing can be slow at times, but that is understandable, but hard to explain to end users.
- URL rewrite takes time for the users to get used to the fact that every URL now looks "phishy".
October 29, 2019
Proofpoint is at next level
We are using Proofpoint currently for email security and this is for our global level implementation. We have also integrated it with our firewall Palo Alto too.
- We have been observing TAP is working well and also the integration with Palo Alto is working great.
- Having a very good experience with Proofpoint support and very super support from them. However we have not been notified of any new updates. Not sure, if these updates have already been sent to procurement team, but not the Allegis support group.
- We do see the TAP dashboard also has a URL for rewriting details and email alerts too, which will help us to identify the actual threats and also we can report them if the attack is a false positive as well.
- In the search pane, we could have more detailed information and which may useful while validating the incoming email for the engineers.
- I do agree no product is able to block any sort of new malware/phishing attacks, but I have been observing unless we are reporting it Proofpoint is unable to identify a threat in some cases (and after the virus engines have been updated). This could be improved.
- Also in few cases, the email might get blocked if we add the IP to our blacklist policy route. However there is no sign of email activity from that source. We should at least be able to see that info.
TAP helps mitigate targeted attacks, and also helps with researching what was attempted, and helps identify people who are more at risk (ie, if they clicked a link, etc)
- Concise threat context
- URL rewriting
- I don't find the TAP portion of the product to be deficient. I think it's easy to use and is extremely helpful.
September 10, 2019
Ahead of its time!
TAP is used strictly by our Information Security department. It is very beneficial to us in two ways. Phishing attacks and our VAPs. The way that TAP seamlessly integrates with our company is unparalleled to any other product. We are able to train our users better with the knowledge we gain from TAP.
- The best software for gaining better cyber awareness of your company!
- Intelligence like no other!
- Allows faster response and more efficient workflow!
- When an alert is made sometimes some information is lacking.
- Other than that, no complaints.
August 29, 2019
TAP for Protection
Proofpoint Targeted Attack Protection for Email is being used across our entire organization. It helps protect our users from emails that may contact malicious code in an attachment or a link that may take them to a site where their credentials can be compromised. Ultimately it protects our customers' information in turn.
- Stopping attachments, bad URLs, and embedded malicious code.
- Sometimes there is a delay in detecting the threat, and by that time it has been delivered to a mailbox and the user may have clicked on a URL or opened an attachment.
- Added functionality is in separate add-on modules at a cost.
- TAP dashboard could be made easier to navigate to gather details of the threat.
August 15, 2019
Peace of mind at a reasonable price
We are using Proofpoint to scan and inspect all inbound mail and it is at the forefront of protecting all of our end-users from email-based attacks. We also utilize their encrypted mail features for sending secure mail to customers. I have had to work with other products in this space, such as Barracuda and Cisco IronPort, all of which are great products; however, I would rank my experience with Proofpoint (so far) above any of them in its effectiveness and support.
- URL re-writing and sandboxing is very effective.
- Need to find a solution to e-mails with links to cloud-based documents with malicious payloads.
August 08, 2019
Easy to use and accurate threat detection
We have been using the Proofpoint TAP for about 2 years now and I cannot imagine us not having it in our environment. We are constantly under attack and the TAP has been vital in helping to protect us from threats. We actually receive so many threats that I start to wonder if something is not working when I look at the TAP dashboard and it shows no threats at all! This is being utilized to protect our entire organization from email threats.
- Impostor email detection is a fantastic feature and works very well.
- The sandbox feature helps to ensure confidence that their evaluation of the email threat is valid.
- Easy to use (and understand) dashboard make identifying and managing email threats a breeze.
- Occasionally, we have a false positive or false negative, but those are easily corrected.
- Would like the ability to upload a file to have it automatically exploded via sandbox to determine threat.
July 28, 2019
TAP is a must with Proofpoint
We use it for our entire organization. Primary requirements to prevent advanced malware and phishing attacks. In addition, we also use it for data loss prevention (DLP) to meet client and regulatory requirements. We also leverage this platform for e-mail protection against spam and phishing attacks.
- Alert on malware/attacks that made it through, so we can respond.
- Data loss prevention (DLP) is very flexible and accommodates our needs.
- More advancement in the imposter technology.
- Integration between Wombat (phishing campaign tool) and email.
July 23, 2019
Save your money and find something else
We purchased this for our full-time fac/staff and attempted to get this for our students as 'included' since they slipped by our legal to not include our students first off. We had to pay a ton to get the students included. Also, EOP based AV does a better job of blocking bad attachments. The best use case I can give you is if you put the phishing link inside a PDF TAP, it will send it on clean. MS AV will catch it every time. I watch the TAP alerts on misses, and I will pull the message with Get-Messagetrace and its details; sure enough, it got caught there!
- Slowing down mail flow for scanning.
- Limiting to a specific sub group of your org.
- Sending lots of mail unthrottled by default.
- Stopping bad mail.
- Hashing spam emails in a more efficient way.
This is used globally as part of our overall email hygiene program.
- Easy to manage.
- Easy to deploy.
- Proven solution.
- Adoption can be a problem, but only early on.
June 21, 2019
Proofpoint TAP Review
Proofpoint TAP is used as part of our email security strategy. Inbound emails are scanned by TAP for malicious attachments, links, and other indicators of compromise. Proofpoint TAP logs feed into our SIEM for investigation and correlation against other log data. TAP can also be used to input IOCs like URLS so that the emails are blocked before entering the environment. Today we receive two types of alerts from TAP, one lets you know that Proofpoint now recognizes this email to be malicious and the analysts can investigate and remediate. The second type of alert is that an individual has clicked on a link that is known bad. Then the analysts can search logs for if the user successfully made it to the website and input any data.
- Block malicious and phishing emails
- Alert of now known to be bad emails
- Threat intelligence for tracking campaigns
- Metrics and dashboards around email activity
- Ability to block additional IOCS instead of just URL
- Ability to integrate with threat intelligence platforms
- What they label as a false positive is not always a false positive
June 21, 2019
Proofpoint - The Proof is There
Targeted Attack Protection (TAP) for Email is used across the entire enterprise. TAP gives us a layer of protection against the numerous attack vectors that exist in the cyberworld.
- Attachment Defense. This component scans all attachments for malicious content, quarantining anything suspicious. This is a must have for any legitimate email protection product.
- URL Defense. With so many phishing attempts out there that try to lure the unsuspecting user into clicking a link to a malicious web site, URL Defense provide an invaluable safety net by encoding the URL and re-routing it to Proofpoint's "sandbox". If legitimate, it seamlessly redirects the user to the original URL. Despite your best efforts at education, a percentage of your end users will click the link. Knowing that TAP is sandboxing those links to test for malicious activity is protection we cannot live without.
- TAP Dashboard. This lets me see who's being targeted in my environment as well as provide metrics that tell me how effective the protection has been. We're able to identify our "VIP's" so that we can receive special alerets whey they come under attack.
- It's a stretch for me to find something that needs improvement. If I had to put at least one thing it would relate to URL Defense. The process works great but, there are times when you have to decode the encoded URL. Currently, the only place to do that is in the TAP dashboard. To save clicks and logins, it would be nice to have that decode functionality in the Proofpoint management console.
- No other issues.
Proofpoint Targeted Attack Protection's primary use for us is the URL rewriting feature, which allows sites linked to in emails to get scanned by Proofpoint before allowing users to visit them. We use this feature for all users across our organization and it is one of our primary defenses against phishing.
- Post-detection of malicious web-based attacks
- Trending of types of attacks against our organization
- URL rewrite feature makes URLs very ugly and sometimes makes users more suspicious
The Infosec team uses TAP to be alerted when threats occur, compromises may have happened, and actions may need to be taken. It gives us insight into the attacks that have occurred, a lot of background on them (if available), and who was targeted and who fell for the attacks. It helps us protect the company from attacks and quickly resolve them.
- TAP allows administrators and authorized users to effectively analyze threats and identify all targets.
- The tracking (did a user open an email, did they click a link and how many times) and analytics are a great asset to have for any IT admin.
- The ability to flag specific users as VIPs or important folks you want to keep an extra measure of attention on.
- Sometimes, it is difficult to determine what the threat did or the effect it had on the recipients. I think this is most difficult due to our inexperience, so I imagine this will be easier for us over time.