New integrated solutions solve for the most critical risks facing organizations when it matters mostโspanning threat, identity, and dataโto detect more attacks pre-delivery, quantify the impact of compromised identities, and improve the efficiency of defenders responding to data loss
Proofpoint, Inc., a leading cybersecurity and compliance company,ย introduced industry-first innovations that address the top risks organizations faceย todayโfrom business email compromise (BEC), the leading cause of financial loss for organizations, to ransomware and data exfiltration. The unified solutions, announced atย Proofpoint Protect 2023, span the companyโsย Aegis Threat Protection,ย Identity Threat Defenseย andย Sigma Information Protectionย platforms to thwart threats across the most critical stages of the attack chain. Fueled by trillions of detected threat activities sourced from one of the most comprehensive data sets in the industry, Proofpointโs new AI- and ML-powered innovations equip security practitioners with unmatched visibility, flexibility, and depth to detect and disrupt sophisticated adversaries across their organizationsโ attack surfaces.
โThe critical parts of the attack chain canโt be effectively combatted without taking a people-centric approach,โ said Ryan Kalember, executive vice president, cybersecurity strategy, Proofpoint. โWe analyze more human communications than any other cybersecurity company, allowing us to deliver industry-first innovations that disrupt the threat actorโs playbook across the attack chain for email fraud, ransomware, data theft, and other risks that matter.โ
CIO INFLUENCE News: Sungrow Launches New Version of Its Management and Monitoring System iSolarCloud
AI and ML require robust detection models and a high-fidelity data pipeline to yield accurate detection rates, operational efficiencies, and automated protection.ย Proofpoint customers benefit from one of the largest and most diverse global cybersecurity data pipelines across email, the cloud, and mobile computing. Every year, Proofpoint analyzes an unparalleled amount of data sourced from more than 2.8 trillion scanned email messages, 17 trillion scanned URLs, 1.3 trillion scanned SMS and MMS, and 46 million DLP end users.
Preventing Initial Compromise
Email is the number one attack vector leading to successful compromise. Proofpointโs Aegis Platform is the only AI/ML-powered, cloud-based threat protection platform that disarms today’s advanced attacks, including email fraud (BEC), ransomware, weaponized URLs, multifactor authentication (MFA) bypass for credential phishing, and more. New enhancements and features in Aegis include:
- Industry-first LLM-based Pre-delivery Threat Detection: Through Proofpointโs implementation of the BERT large language model (LLM) within Proofpointโsย CLEAR solution, the company is pioneering industry-first, pre-delivery protection against social engineering attacksย beforeย they can do harm.
CIO INFLUENCE News: AutoCrypt Security Fuzzer Expands Vehicle Fuzzing Capabilities Through Major Upgrade
Pre-delivery protection is so critical because, based on Proofpointโs telemetry across more than 230,000 organizations around the world, post-delivery detections are frequently too late. Nearly one in seven malicious URL clicks occur within one minute of the emailโs arrival, and more than one-third of BEC replies happen in less than five minutes. These narrow timeframes, during which a user can fall prey to an attack, underscore the importance of blocking malicious attacks before they can reach a userโs inbox.
| Time Elapsed | ||||||
| <30 seconds | <1 minute | <5 minutes | ||||
| Clicks on new malicious URLs | 6.5% | 13.4% | 43.3% | |||
| Responses to BEC messages | 18.5% | 20.8% | 34.3% | |||
| Responses to BEC messages delivered by telephone | 30.2% | 31.7% | 44.6% | |||
This LLM-based detection has also proven highly successful at detecting malicious messagesโboth those created traditionally and with generative AI. Proofpoint has also been using ChatGPT, WormGPT, and other generative AI-created malicious content to train our models.
- Enhanced Visibility into Blocked Threats:ย Last year, businessesย lost more than $2.7 billionย due to BEC scamsโnearly 80 times greater than losses due to ransomware. Beginning in Q3, new summaries in the Targeted Attack Prevention (TAP) Dashboard will provide enhanced explanation on BEC condemnations performed by Proofpointโs CLEAR solution, including threats condemned by the new LLM-based detection. Condemnation summaries will include why a threat was determined to be a BEC attack and its corresponding response timelines, reducing security practitionersโ time spent on threat analysis and reporting to management.
Identity Threat Defense: Attack Path Risk
The global increase in cyberattacks has been enabled by attackers shifting their tactics and focus to identity-based attacks, withย 84% of organizations falling victim to an identity-related breachย last year. When attackers first land on a host, itโs very rarely their end target. Instead, they escalate privilege and move laterally across an environment to exploit privileged credentials.
By bringing together market-leading data across the attack chain between Proofpointโs Aegis and Identity Threat Defense platforms, security practitioners can understand the number of attack paths for ransomware and data exfiltration should an employeeโs identity be compromised for privileged identity abuse and lateral movement with Proofpointโs newย Attack Path Risk. Available in Q4 within Proofpointโs TAP dashboard, organizations that add Proofpointโs Identity Threat Defense to their Proofpoint Aegis implementation can empower their analysts to swiftly prioritize the remediation and adaptive controls.
Defending Against Data Exfiltration: Misdirected Email
Proofpoint Sigma is the only information protection platform that merges content classification, threat telemetry and user behavior across channels in a unified, cloud-native interface to stop data loss and insider threats. Proofpoint is the worldโs largest Insider Threat Management (ITM) provider and second largest data loss prevention (DLP) vendor globally and by revenue (Gartner). Driven by the accelerated adoption of work-from-anywhere practices, Sigma is trusted by nearly half of the Fortune 100 and deployed to over 5,000 customers and 46 million users worldwide, analyzing 45 billion events each month.
Leveraging behavior anomaly detection machine learning for content scanning, Proofpointโs newย Misdirected Emailย solution, available in Q4, prevents users from accidentally sending emails and files to the wrong recipient and possibly creating a data loss incident.
CIO INFLUENCE News: Blend360 Announces Suite of New Generative AI Features to Drive Clientsโ Business Performance
Generative AI-based Analysis for Powerful Threat Insights Across the Attack Chain: Proofpoint Security Assistant
Proofpoint continues to deliver unique AI and ML innovations based on telemetry from its vast customer set comprised of more than 230,000 global enterprises and small- and medium-sized businesses as well as 150 ISP and mobile network providers. Previewed for the first time at Protect 2023,ย Proofpoint Security Assistant, a new generative AI user interface, empowers analysts to ask natural language questions and receive actionable insights and recommendations based on the trillions of combined data points across Proofpointโs platforms.
Available in Q4 as a technology preview in the Sigma Information Protection platform, DLP SOC analysts can pose questions such as, โshow me John Doeโs exfiltration attempts and recommend which DLP controls we should add.โ Over time, Proofpointโs generative AI-based interface will be expanded to the Aegis and Identity Threat Defense platforms, enabling security practitioners to gain powerful threat insights by asking queries such as, โshow me the leading Very Attacked People who have the most attack paths that would result in a ransomware-based data exfiltration.โ
Responsible Approach to Generative AI
The integrity, privacy and security of customer data is of paramount importance to Proofpoint. We rigorously evaluate each generative AI tool for compliance with Proofpointโs corporate tenets. For example, we use internally deployed versions of generative AI tools, and we do not allow LLM providers to train their models using Proofpoint-held data.
CIO INFLUENCE News: Quantum Computing and European-Based Assured Cyber Protection Ltd Enter into Sales and Teaming Agreement
[To share your insights with us, please write toย sghosh@martechseries.com]
