Item: Proofpoint Threat Response Auto-Pull
Rating: 10
Author: Fraser Clark

Use Cases and Deployment Scope

Proofpoint TRAP is being used across the entire organization currently. It is deployed centrally and in use across 4 countries. As it is an international product we have a Proofpoint trained team looking after it.
We've found Proofpoint TRAP to be very beneficial to the company so far, it helped us immensely during our last security test.

Pros and Cons

Automatically pulling malicious emails from users inboxes.
Low admin intervention.
Reducing remediation time on malicious emails.

Learning curve is steep.
Interface can be clunky.
Some interface items seem counter-intuitive.

Return on Investment

Helped mitigate the email portion of our penetration test entirely.
Made us aware of the amount of suspicious emails being delivered.
Prevented malware spreading through mail.

Alternatives Considered

I have not evaluated any other products against TRAP.

Other Software Used

Proofpoint Advanced Threat Protection, Proofpoint Email Protection

Likelihood to Recommend

Proofpoint TRAP can benefit any company in most scenarios. When used in conjunction with Proofpoint's main offering it is extremely powerful and reduces malicious email being delivered to almost zero.
And emails that do get delivered it is unsure about are cloned then detonated in a sandbox to see the impact and if it is then found to be malicious it will pull these mails from the user's inbox. With no interaction from administrators.

Proofpoint TRAP - Pull malicious emails

Overall Satisfaction with Proofpoint Threat Response Auto-Pull