Proofpoint Threat Response Auto-Pull

Proofpoint Threat Response Auto-Pull Reviews

Do you work for this company? Learn how we help vendors

Ratings and Reviews
(1-4 of 13)

Companies can't remove reviews or game the system. Here's why
Chris Bash | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
TRAP is being used across our whole organization. We use it in conjunction with PPS, TAP, and PSAT with CLEAR. It saves us about 5 - 10 hours per week quarantining emails and evaluating user-submitted emails. We have auto-response templates set up so that user-submitted emails will automatically be replied to with the verdict of their submission.
  • It will automatically pull malicious emails from users' mailboxes if they are not detected first by PPS.
  • It will evaluate user-submitted suspect phishing emails and reply to the users with the result of the evaluation.
  • It will pull emails from users per an admin-submitted CVS file of emails we want to pull.
  • It informs admins of the status of its email investigations.
  • Would like an Azure virtual machine version of it. Currently, it's only supported on VMware and AWS.
  • Configuring authentication certificates on it is not easy.
  • It does not work with RSASSA-PSS signed certificates.
If your email admins spend time manually pulling malicious emails, this tool will save them countless hours of work and will do it for them 24 x 7. So if a user receives a malicious email after-hours, TRAP will auto pull it from the affected user's mailbox and potentially save you from an IT disaster.
They are quick to respond and have talented support personnel.
Fraser Clark | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Proofpoint TRAP is being used across the entire organization currently. It is deployed centrally and in use across 4 countries. As it is an international product we have a Proofpoint trained team looking after it.
We've found Proofpoint TRAP to be very beneficial to the company so far, it helped us immensely during our last security test.
  • Automatically pulling malicious emails from users inboxes.
  • Low admin intervention.
  • Reducing remediation time on malicious emails.
  • Learning curve is steep.
  • Interface can be clunky.
  • Some interface items seem counter-intuitive.
Proofpoint TRAP can benefit any company in most scenarios. When used in conjunction with Proofpoint's main offering it is extremely powerful and reduces malicious email being delivered to almost zero.
And emails that do get delivered it is unsure about are cloned then detonated in a sandbox to see the impact and if it is then found to be malicious it will pull these mails from the user's inbox. With no interaction from administrators.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Threat Response Auto-Pull is a lifesaver if all "pro-active" controls fail. It will auto pull messages automatically from users' mailboxes, instructed by the "Targeted Attack Protection" module of Proofpoint. Especially with (spear) phishing, you can prevent a lot of trouble. This is all automatic, although if you really want, you can upload a CSV with the list of messages you want auto pulled.
  • Auto pull works great, even with our hybrid situation with 2 on premise exchange organizations.
  • Reporting is good, nice graphs of all the actions.
  • As threat response auto-pull uses a subset of the full threat response product, the GUI is too bloated.
  • It is still only an on premise VM, still waiting for a cloud version.
It is very well suited for any organization, though the pricing is more for larger organizations. Having auto pull available means you have fewer worries that phishing emails end up in users' mailboxes.
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use TRAP enterprise-wide to help remove malicious messages from users' mailboxes. When a brand new threat sneaks by our email security appliance it's far less of a worry since TRAP will pull messages from mailboxes as soon as it starts detecting them!

Update, 6 months later: Proofpoint TRAP remains the MOST HELPFUL tool I've ever used for security incident response.
  • Finds malicious messages in users mailboxes that were not previously detected.
  • Gives good data about messages post-detection.
  • Integrates with AD.
  • Removing messages from mailboxes manually requires uploading a CSV in a particular format. More flexibility here would be great.
Incident response teams will see the most benefit from TRAP. Exchange teams will love it too because it means fewer exercises in Powershell message removal scripts.

Proofpoint Threat Response Auto-Pull Scorecard Summary

Feature Scorecard Summary

Incident Response Platforms (5)
81%
8.1
Integration with Other Security Systems (3)
86%
8.6
Attack Chain Visualization (2)
77%
7.7
Centralized Dashboard (3)
57%
5.7
Machine Learning to Prevent Incidents (1)
90%
9.0
Live Response for Rapid Remediation (3)
96%
9.6

What is Proofpoint Threat Response Auto-Pull?

Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators to automatically retract threats delivered to employee inboxes and emails that turn malicious after delivery to quarantine. It is also a powerful solution to retract messages sent in error as well as inappropriate, malicious, or emails containing compliance violations and also follows forwarded mail and distribution lists and creates an audit-able activity trail.

With Proofpoint Threat Response Auto-Pull, you can protect your people, data, and brand from today’s threats by:

  • Automatically pulling malicious or unwanted messages from an end-users inbox.
  • Enriching each message by checking every domain and IP address against premium intelligence feeds.
  • Including built-in reporting, showing stats like: Email quarantine success or failures, email retraction read status, targeting by active directory attribute
  • Reducing the remediation time needed from hours to minutes.

Proofpoint Threat Response Auto-Pull Features

Incident Response Platforms Features

  • Supported: Integration with Other Security Systems
  • Supported: Attack Chain Visualization
  • Supported: Centralized Dashboard
  • Supported: Machine Learning to Prevent Incidents
  • Supported: Live Response for Rapid Remediation

Additional Features

  • Supported: Automatically pull malicious or unwanted messages from an end-users inbox.
  • Supported: Enrich each message by checking every domain and IP address against premium intelligence feeds.
  • Supported: Built-in reporting showing things stats like: Email quarantine success or failures, email retraction read status, targeting by active directory attribute
  • Supported: Reduce the remediation time needed from hours to minutes.

Proofpoint Threat Response Auto-Pull Video

Email is a primary source of cyber-attacks for many organizations, and it starts with people. Find out how Proofpoint’s multi-layered email security helps prevent, defend, and respond to email attacks quickly and effectively within an organization.

Proofpoint Threat Response Auto-Pull Downloadables

Proofpoint Threat Response Auto-Pull Integrations

Proofpoint Threat Response Auto-Pull Competitors

Proofpoint Threat Response Auto-Pull Pricing

Proofpoint Threat Response Auto-Pull Technical Details

Deployment TypesOn-premise, SaaS
Operating SystemsWindows, Linux, Mac
Mobile ApplicationNo
Supported CountriesUnited States, Canada, United Kingdom, Germany, France, Italy, Australia, Japan
Supported LanguagesEnglish, German, French, Italian, Spanish, Japanese

Frequently Asked Questions

What is Proofpoint Threat Response Auto-Pull's best feature?

Reviewers rate Live Response for Rapid Remediation highest, with a score of 9.6.

Who uses Proofpoint Threat Response Auto-Pull?

The most common users of Proofpoint Threat Response Auto-Pull are from Enterprises and the Financial Services industry.