Skip to main content
TrustRadius
Proofpoint Threat Response Auto-Pull

Proofpoint Threat Response Auto-Pull

Overview

What is Proofpoint Threat Response Auto-Pull?

Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators to automatically retract threats delivered to employee inboxes and emails that turn malicious after delivery to quarantine. It is also a powerful solution to retract messages sent in error as…

Read more
Recent Reviews

TrustRadius Insights

TRAP, or Targeted Attack Protection, offers a range of features that address various email security challenges. One significant use case …
Continue reading
Read all reviews
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Proofpoint Threat Response Auto-Pull?

Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators to automatically retract threats delivered to employee inboxes and emails that turn malicious after delivery to quarantine. It is also a powerful solution to retract messages sent in error as well as…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

3 people also want pricing

Alternatives Pricing

What is KnowBe4 PhishER?

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security…

What is Kaspersky EDR Expert?

Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes,…

Return to navigation

Product Details

What is Proofpoint Threat Response Auto-Pull?

Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators to automatically retract threats delivered to employee inboxes and emails that turn malicious after delivery to quarantine. It is also a powerful solution to retract messages sent in error as well as inappropriate, malicious, or emails containing compliance violations and also follows forwarded mail and distribution lists and creates an audit-able activity trail.

With Proofpoint Threat Response Auto-Pull, you can protect your people, data, and brand from today’s threats by:

  • Automatically pulling malicious or unwanted messages from an end-users inbox.
  • Enriching each message by checking every domain and IP address against premium intelligence feeds.
  • Including built-in reporting, showing stats like: Email quarantine success or failures, email retraction read status, targeting by active directory attribute
  • Reducing the remediation time needed from hours to minutes.

Proofpoint Threat Response Auto-Pull Features

Incident Response Platforms Features

  • Supported: Integration with Other Security Systems
  • Supported: Attack Chain Visualization
  • Supported: Centralized Dashboard
  • Supported: Machine Learning to Prevent Incidents
  • Supported: Live Response for Rapid Remediation

Additional Features

  • Supported: Automatically pull malicious or unwanted messages from an end-users inbox.
  • Supported: Enrich each message by checking every domain and IP address against premium intelligence feeds.
  • Supported: Built-in reporting showing things stats like: Email quarantine success or failures, email retraction read status, targeting by active directory attribute
  • Supported: Reduce the remediation time needed from hours to minutes.

Proofpoint Threat Response Auto-Pull Video

Email is a primary source of cyber-attacks for many organizations, and it starts with people. Find out how Proofpoint’s multi-layered email security helps prevent, defend, and respond to email attacks quickly and effectively within an organization.

Proofpoint Threat Response Auto-Pull Integrations

Proofpoint Threat Response Auto-Pull Competitors

Proofpoint Threat Response Auto-Pull Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux, Mac
Mobile ApplicationNo
Supported CountriesUnited States, Canada, United Kingdom, Germany, France, Italy, Australia, Japan
Supported LanguagesEnglish, German, French, Italian, Spanish, Japanese

Proofpoint Threat Response Auto-Pull Downloadables

Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(14)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

TRAP, or Targeted Attack Protection, offers a range of features that address various email security challenges. One significant use case is the ability for users to manually review and analyze email headers, enabling them to gain deeper insights into system dispositions. This allows for a more comprehensive understanding of incoming emails and helps identify potential threats.

Another key use case is the flexibility TRAP provides in managing emails. Users have the option to automate or manually pull messages, giving them greater control over their inbox management. This feature proves invaluable by saving time and eliminating the need to wait for the email team's response.

Additionally, TRAP streamlines incident response workflows by automating the process of pulling threat and spam emails. By doing so, it significantly improves response time and network security while preventing users from inadvertently opening malicious content. The software removes identified phishing or malware emails automatically, saving manual effort and reducing the chance of malware outbreaks and network downtime.

Moreover, TRAP enhances threat response by automatically quarantining threats and sending them to a designated mailbox. This extra layer of protection adds an additional level of security by reducing user vulnerability to email threats.

The software also offers unique capabilities such as functioning as a message recall service, allowing users to retrieve messages from their mailbox that were already sent—an advantage not found in Microsoft's message recall feature. Furthermore, TRAP assists in educating users about identifying and avoiding phishing attacks by notifying them when potential threats are detected.

Overall, TRAP proves valuable across organizations of all sizes. It saves time on quarantining and evaluating user-submitted emails, making it highly beneficial during security tests. The software remains an essential tool for security incident response, automatically pulling messages from mailboxes and preventing trouble. Its targeted attack protection module is particularly useful for addressing spear phishing incidents effectively.

Users commonly recommend the following based on their experiences with Proofpoint Trap:

  1. Consider integrating Proofpoint Trap with an email protection gateway. Users highly recommend combining Proofpoint Trap with an email protection gateway, as it enhances the overall security and effectiveness of email threat detection and response.

  2. Automate tasks while keeping analyst attention for certain incidents. Reviewers suggest automating tasks whenever possible to streamline incident response. However, they also advise that some incidents may require the attention of an analyst. Finding the balance between automation and analyst intervention is crucial for effective threat management.

  3. Address phishing and malicious emails promptly. Users emphasize the importance of a product that can automatically address phishing and malicious emails or do so within a reasonable timeframe. They highlight the benefits of having a solution that handles these threats efficiently, reducing the time it takes to act upon such incidents.

It's worth noting that these recommendations come from users who found Proofpoint Trap to be valuable in combating phishing campaigns and 0-day malware attacks. They suggest exploring other internal systems that can integrate with Proofpoint Trap for added value. Additionally, while users find the product self-running, they recommend a quick steps guide to aid in configuration due to extensive documentation.

Attribute Ratings

Reviews

(1-4 of 4)
Companies can't remove reviews or game the system. Here's why
Chris Bash | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
TRAP is being used across our whole organization. We use it in conjunction with PPS, TAP, and PSAT with CLEAR. It saves us about 5 - 10 hours per week quarantining emails and evaluating user-submitted emails. We have auto-response templates set up so that user-submitted emails will automatically be replied to with the verdict of their submission.
  • It will automatically pull malicious emails from users' mailboxes if they are not detected first by PPS.
  • It will evaluate user-submitted suspect phishing emails and reply to the users with the result of the evaluation.
  • It will pull emails from users per an admin-submitted CVS file of emails we want to pull.
  • It informs admins of the status of its email investigations.
  • Would like an Azure virtual machine version of it. Currently, it's only supported on VMware and AWS.
  • Configuring authentication certificates on it is not easy.
  • It does not work with RSASSA-PSS signed certificates.
If your email admins spend time manually pulling malicious emails, this tool will save them countless hours of work and will do it for them 24 x 7. So if a user receives a malicious email after-hours, TRAP will auto pull it from the affected user's mailbox and potentially save you from an IT disaster.
Incident Response Platforms (5)
66%
6.6
Integration with Other Security Systems
90%
9.0
Attack Chain Visualization
80%
8.0
Centralized Dashboard
60%
6.0
Machine Learning to Prevent Incidents
N/A
N/A
Live Response for Rapid Remediation
100%
10.0
  • Saves email admins approximately 10 hours per week from manually investigating and pulling malicious emails.
  • With auto-response templates, it teaches users how to better react to suspicious emails.
  • If one user submits a malicious email, it will auto pull the same email from the others affected users. That's great for preventing further outbreaks.
TRAP had fewer false positives and caught more malicious emails. With the host of companion products, it was more complete package. It gives us the ability to pull emails using an admin-submitted CVS file of emails to pull. EOP does not have this capability.
Proofpoint Advanced Threat Protection, Proofpoint Cloud App Security Broker (Proofpoint CASB), Proofpoint Email Protection, Proofpoint Security Awareness Training (formerly Wombat Security)
It's easy to use and requires very little administrator hands on.
They are quick to respond and have talented support personnel.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Proofpoint Threat Response Auto-Pull is a lifesaver if all "pro-active" controls fail. It will auto pull messages automatically from users' mailboxes, instructed by the "Targeted Attack Protection" module of Proofpoint. Especially with (spear) phishing, you can prevent a lot of trouble. This is all automatic, although if you really want, you can upload a CSV with the list of messages you want auto pulled.
  • Auto pull works great, even with our hybrid situation with 2 on premise exchange organizations.
  • Reporting is good, nice graphs of all the actions.
  • As threat response auto-pull uses a subset of the full threat response product, the GUI is too bloated.
  • It is still only an on premise VM, still waiting for a cloud version.
It is very well suited for any organization, though the pricing is more for larger organizations. Having auto pull available means you have fewer worries that phishing emails end up in users' mailboxes.
Incident Response Platforms (5)
46%
4.6
Integration with Other Security Systems
70%
7.0
Attack Chain Visualization
N/A
N/A
Centralized Dashboard
70%
7.0
Machine Learning to Prevent Incidents
N/A
N/A
Live Response for Rapid Remediation
90%
9.0
  • Chances of phishing attacks has decreased.
  • Your employees don't have to do anything, so no impact on productivity.
Fraser Clark | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Proofpoint TRAP is being used across the entire organization currently. It is deployed centrally and in use across 4 countries. As it is an international product we have a Proofpoint trained team looking after it.
We've found Proofpoint TRAP to be very beneficial to the company so far, it helped us immensely during our last security test.
  • Automatically pulling malicious emails from users inboxes.
  • Low admin intervention.
  • Reducing remediation time on malicious emails.
  • Learning curve is steep.
  • Interface can be clunky.
  • Some interface items seem counter-intuitive.
Proofpoint TRAP can benefit any company in most scenarios. When used in conjunction with Proofpoint's main offering it is extremely powerful and reduces malicious email being delivered to almost zero.
And emails that do get delivered it is unsure about are cloned then detonated in a sandbox to see the impact and if it is then found to be malicious it will pull these mails from the user's inbox. With no interaction from administrators.
Incident Response Platforms (5)
68%
6.8
Integration with Other Security Systems
80%
8.0
Attack Chain Visualization
60%
6.0
Centralized Dashboard
30%
3.0
Machine Learning to Prevent Incidents
90%
9.0
Live Response for Rapid Remediation
80%
8.0
  • Helped mitigate the email portion of our penetration test entirely.
  • Made us aware of the amount of suspicious emails being delivered.
  • Prevented malware spreading through mail.
I have not evaluated any other products against TRAP.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use TRAP enterprise-wide to help remove malicious messages from users' mailboxes. When a brand new threat sneaks by our email security appliance it's far less of a worry since TRAP will pull messages from mailboxes as soon as it starts detecting them!

Update, 6 months later: Proofpoint TRAP remains the MOST HELPFUL tool I've ever used for security incident response.
  • Finds malicious messages in users mailboxes that were not previously detected.
  • Gives good data about messages post-detection.
  • Integrates with AD.
  • Removing messages from mailboxes manually requires uploading a CSV in a particular format. More flexibility here would be great.
Incident response teams will see the most benefit from TRAP. Exchange teams will love it too because it means fewer exercises in Powershell message removal scripts.
Incident Response Platforms (5)
N/A
N/A
Integration with Other Security Systems
N/A
N/A
Attack Chain Visualization
N/A
N/A
Centralized Dashboard
N/A
N/A
Machine Learning to Prevent Incidents
N/A
N/A
Live Response for Rapid Remediation
N/A
N/A
  • Streamlined IR processes
  • Gives the Exchange team more free time since they don't have to participate in IR activities as frequently
I have never evaluated TRAP against another product.
Return to navigation