Proofpoint Threat Response Auto-Pull Reviews

Name: Proofpoint Email Protection Suite – Product Demo
Uploaded: 2018-12-11T17:29:32.000Z
Duration: 3 min 48 s
Description: Email is a primary source of cyber-attacks for many organizations, and it starts with people. Find out how Proofpoint’s multi-layered email security helps prevent, defend, and respond to email attacks quickly and effectively within an organization.

Do you work for this company? Learn how we help vendors

Ratings and Reviews (13)

Ratings and Reviews
(1-4 of 13)

Sort by

Companies can't remove reviews or game the system. Here's why

July 13, 2021

Very happy with my TRAP appliance

Chris Bash

IS Systems Analyst

Kodak alaris (Photography, 1001-5000 employees)

Score 9 out of 10

Vetted Review

Verified User

Review Source

Use Cases and Deployment Scope

TRAP is being used across our whole organization. We use it in conjunction with PPS, TAP, and PSAT with CLEAR. It saves us about 5 - 10 hours per week quarantining emails and evaluating user-submitted emails. We have auto-response templates set up so that user-submitted emails will automatically be replied to with the verdict of their submission.

Pros and Cons

It will automatically pull malicious emails from users' mailboxes if they are not detected first by PPS.
It will evaluate user-submitted suspect phishing emails and reply to the users with the result of the evaluation.
It will pull emails from users per an admin-submitted CVS file of emails we want to pull.
It informs admins of the status of its email investigations.

Would like an Azure virtual machine version of it. Currently, it's only supported on VMware and AWS.
Configuring authentication certificates on it is not easy.
It does not work with RSASSA-PSS signed certificates.

Likelihood to Recommend

If your email admins spend time manually pulling malicious emails, this tool will save them countless hours of work and will do it for them 24 x 7. So if a user receives a malicious email after-hours, TRAP will auto pull it from the affected user's mailbox and potentially save you from an IT disaster.

Support Rating

They are quick to respond and have talented support personnel.

December 03, 2019

Proofpoint TRAP - Pull malicious emails

Fraser Clark

Network Engineer

People's Postcode Lottery (Gambling & Casinos, 201-500 employees)

Score 10 out of 10

Vetted Review

Verified User

Review Source

Use Cases and Deployment Scope

Proofpoint TRAP is being used across the entire organization currently. It is deployed centrally and in use across 4 countries. As it is an international product we have a Proofpoint trained team looking after it.
We've found Proofpoint TRAP to be very beneficial to the company so far, it helped us immensely during our last security test.

Pros and Cons

Automatically pulling malicious emails from users inboxes.
Low admin intervention.
Reducing remediation time on malicious emails.

Learning curve is steep.
Interface can be clunky.
Some interface items seem counter-intuitive.

Likelihood to Recommend

Proofpoint TRAP can benefit any company in most scenarios. When used in conjunction with Proofpoint's main offering it is extremely powerful and reduces malicious email being delivered to almost zero.
And emails that do get delivered it is unsure about are cloned then detonated in a sandbox to see the impact and if it is then found to be malicious it will pull these mails from the user's inbox. With no interaction from administrators.

December 04, 2019

Excellent last-defense for malicious email

Verified User

Professional in Information Technology

Fund-Raising Company, 1001-5000 employees

Score 9 out of 10

Vetted Review

Verified User

Review Source

Use Cases and Deployment Scope

Proofpoint Threat Response Auto-Pull is a lifesaver if all "pro-active" controls fail. It will auto pull messages automatically from users' mailboxes, instructed by the "Targeted Attack Protection" module of Proofpoint. Especially with (spear) phishing, you can prevent a lot of trouble. This is all automatic, although if you really want, you can upload a CSV with the list of messages you want auto pulled.

Pros and Cons

Auto pull works great, even with our hybrid situation with 2 on premise exchange organizations.
Reporting is good, nice graphs of all the actions.

As threat response auto-pull uses a subset of the full threat response product, the GUI is too bloated.
It is still only an on premise VM, still waiting for a cloud version.

Likelihood to Recommend

It is very well suited for any organization, though the pricing is more for larger organizations. Having auto pull available means you have fewer worries that phishing emails end up in users' mailboxes.

October 23, 2019

TRAP helps me sleep at night

Verified User

Engineer in Information Technology

Insurance Company, 5001-10,000 employees

Score 10 out of 10

Vetted Review

Verified User

Review Source

Use Cases and Deployment Scope

We use TRAP enterprise-wide to help remove malicious messages from users' mailboxes. When a brand new threat sneaks by our email security appliance it's far less of a worry since TRAP will pull messages from mailboxes as soon as it starts detecting them!

Update, 6 months later: Proofpoint TRAP remains the MOST HELPFUL tool I've ever used for security incident response.

Pros and Cons

Finds malicious messages in users mailboxes that were not previously detected.
Gives good data about messages post-detection.
Integrates with AD.

Removing messages from mailboxes manually requires uploading a CSV in a particular format. More flexibility here would be great.

Likelihood to Recommend

Incident response teams will see the most benefit from TRAP. Exchange teams will love it too because it means fewer exercises in Powershell message removal scripts.

Proofpoint Threat Response Auto-Pull Scorecard Summary

Likelihood to Recommend (4): 91%
9.1
Usability (1): 90%
9.0
Support Rating (1): 90%
9.0

Feature Scorecard Summary

Incident Response Platforms (5): 81%
8.1

What is Proofpoint Threat Response Auto-Pull?

Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators to automatically retract threats delivered to employee inboxes and emails that turn malicious after delivery to quarantine. It is also a powerful solution to retract messages sent in error as well as inappropriate, malicious, or emails containing compliance violations and also follows forwarded mail and distribution lists and creates an audit-able activity trail.

With Proofpoint Threat Response Auto-Pull, you can protect your people, data, and brand from today’s threats by:

Automatically pulling malicious or unwanted messages from an end-users inbox.
Enriching each message by checking every domain and IP address against premium intelligence feeds.
Including built-in reporting, showing stats like: Email quarantine success or failures, email retraction read status, targeting by active directory attribute
Reducing the remediation time needed from hours to minutes.

Proofpoint Threat Response Auto-Pull Features

Show Unsupported Features

Incident Response Platforms Features

Supported: Integration with Other Security Systems
Supported: Attack Chain Visualization
Supported: Centralized Dashboard
Supported: Machine Learning to Prevent Incidents
Supported: Live Response for Rapid Remediation

Additional Features

Supported: Automatically pull malicious or unwanted messages from an end-users inbox.
Supported: Enrich each message by checking every domain and IP address against premium intelligence feeds.
Supported: Built-in reporting showing things stats like: Email quarantine success or failures, email retraction read status, targeting by active directory attribute
Supported: Reduce the remediation time needed from hours to minutes.

Proofpoint Threat Response Auto-Pull Video

Email is a primary source of cyber-attacks for many organizations, and it starts with people. Find out how Proofpoint’s multi-layered email security helps prevent, defend, and respond to email attacks quickly and effectively within an organization.

Proofpoint Threat Response Auto-Pull Downloadables

Proofpoint Threat Response Auto Pull data sheet

Proofpoint Threat Response Auto-Pull Integrations

FireEye Email Security
Splunk Enterprise Security (SIEM)
Okta Adaptive Multi-Factor Authentication (MFA)

Proofpoint Threat Response Auto-Pull Competitors

Proofpoint Threat Response Auto-Pull Pricing

More Pricing Information

Proofpoint Threat Response Auto-Pull Technical Details

Deployment Types	On-premise, SaaS
Operating Systems	Windows, Linux, Mac
Mobile Application	No
Supported Countries	United States, Canada, United Kingdom, Germany, France, Italy, Australia, Japan
Supported Languages	English, German, French, Italian, Spanish, Japanese

Frequently Asked Questions

What are Proofpoint Threat Response Auto-Pull's top competitors?

Palo Alto Networks Cortex XSOAR (formerly Demisto), Splunk Security Orchestration and Automation (SOAR), formerly Phantom, and Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) are common alternatives for Proofpoint Threat Response Auto-Pull.

What is Proofpoint Threat Response Auto-Pull's best feature?

Reviewers rate Live Response for Rapid Remediation highest, with a score of 9.6.

Who uses Proofpoint Threat Response Auto-Pull?

The most common users of Proofpoint Threat Response Auto-Pull are from Enterprises and the Financial Services industry.