Proofpoint Data Ingestion for Falcon Insight XDR
Enhance Falcon Insight XDR detections with Proofpoint email security data
- Extended Detection and Response
- Email and Web Security
Protection and visibility for your greatest cybersecurity risk—your people
Proofpoint and CrowdStrike® have partnered to transform your security program and protect your organization from the ever-changing threat landscape. Together, we improve your security efficacy and enhance your visibility and context around threats. Our orchestration and response capabilities make your security team more productive.
Multi-layered threat protection This integration leverages Proofpoint TAP and CrowdStrike to provide both pre-delivery and post-delivery protection and remediation through threat intelligence sharing.
Secure against attacks Secure your organization’s devices and data against sophisticated malware and malware-free attacks.
Pre-delivery protection for external email Proofpoint leverages CrowdStrike intelligence to block malicious email attachments at the gateway. Our combined visibility and threat detection capabilities protect your inbox and endpoint. Proofpoint sandboxes incoming files and queries the CrowdStrike Intelligence API for file reputation. You get improved protection through our threat intelligence sharing, since we block ransomware, polymorphic malware, keyloggers, and zero-day threats from getting to your inbox.
Post-delivery automated remediation Proofpoint automatically detects and quarantines email that turns malicious post-delivery and we share intelligence about unknown threats with CrowdStrike. This helps to limit future attacks on your endpoints. Proofpoint quarantines any messages that have been delivered or forwarded. If unknown to CrowdStrike, the malicious hash is added to the CrowdStrike list of custom indicators of compromise (IOCs). An alert is created if the malicious content tries to execute on the device.
Immediate visibility Gain immediate visibility and context into threat adversaries and attack vectors.
Pre-delivery protection for internal email Proofpoint Internal Mail Defense scans internal-to-internal email communications and at the same time can leverage the integration of CrowdStrike intelligence for multi-layered protection against emails containing attachments. This provides customers with the exact same protection as external threats but for internal to internal email communications. If a malicious internal email has been found, Proofpoint TRAP can automatically quarantine all related messages.
Protect people, defend data