Proofpoint announced an array of new innovations across its Threat Protection Platform, enabling organizations to combat today’s most advanced and prevalent threats such as Business Email Compromise (BEC) and supply chain attacks.
The enhancements provide organizations exceptional visibility into and detection of email fraud, defense against third-party and supplier compromise, and machine learning (ML) and behavioral analytics, all available via a new, easy-to-deploy inline API model.
“Email fraud and supply chain attacks have risen to higher levels of concern for security teams, both for their impact and their frequency,” said Ryan Kalember, executive vice president, cyber security strategy, Proofpoint. “Developing AI-powered security innovations that protect people and defend their data from today’s most harmful risks is our mission. Being the number one deployed solution of the Fortune 1000 along with hundreds of thousands of customers overall means our models are trained with the best data sets, allowing us to detect threats for our customers more accurately and with fewer false negatives and false positives than any other solution we’ve tested against.”
Supernova Behavioral Analysis Engine
Available to Proofpoint email security customers globally as a free detection stack upgrade, the Supernova Behavioral Engine is integrated into Proofpoint’s broader detection ensemble. It provides high-efficacy, low false-positive detection of malware-less threats like BEC and supplier fraud as well as malware-based threats like ransomware. Using language, relationships, cadence, and context to detect anomalous patterns in communications sent to employees, it prevents threats in real-time using advanced AI and ML.
Since its introduction in May 2022 among select customers, Supernova Behavioral Engine has blocked 19 million BEC and phishing attacks per month – notably one BEC attack that attempted to steal $194 million USD. In addition to powerful detection capabilities, it also powers a new uncommon sender email warning tag that provides real-time context about the message, enabling employees to take extra caution and report the email directly for analysis and remediation.
The new behavioral engine has also powered the creation of more than one billion HTML-based email warning tags. As part of the forensics provided by Proofpoint, email security customers can see the behavioral insights to understand how and why a message was identified and blocked as a threat.
Detection and visibility into compromised supplier accounts
Our 2022 Voice of the CISO report revealed that more than a quarter of global CISOs (27%) believe that supply chain attacks will become one of the biggest cybersecurity threats in their industry within the next year. Proofpoint is making available, as early access, capabilities for security teams to gain visibility into potentially compromised supplier and third-party accounts.
Leveraging both analytics and machine learning, Proofpoint’s threat detection platform builds a baseline of communication patterns between organizations and uniquely combines behavioral and threat signals to detect potentially compromised supplier accounts. Should a known or trusted supplier suddenly send malicious emails or messages to multiple recipients with which it has not previously communicated, organizations can get ahead of the compromised account without depending on the supplier to report it.
Detailed forensics about target recipients, threats associated with the potentially compromised account, and the number of other organizations in the Proofpoint ecosystem which were also targeted from the compromised account provide additional context, empowering security analysts to prioritize or automate remediation efforts.
New deployment option utilizing APIs and inline architecture
All Proofpoint solution bundles are now available with a new deployment option using both APIs and inline architecture to deliver advanced AI-powered, cloud-based protection to complement native Microsoft 365 defenses, offering customers greater choice and flexibility. Configured in minutes, the new deployment mode does not require MX record changes and provides inline protection to block malicious emails from reaching the inbox.
Powered by advanced machine learning, behavioral analytics, and threat intelligence, the Threat Protection Platform efficiently blocks email messages predelivery to reduce the risk of users interacting with malicious content of all types, from malware to credential attacks to pure social engineering. It also includes unique in the industry threat intelligence and risk visibility in the TAP Dashboard and Nexus People Risk Explorer, and features integrations such as TAP-Guided Training, VAP Isolation, and the CLEAR abuse mailbox.
Available now, the PX package utilizes the new API and inline architecture to deliver protection for organizations that prefer pre-configured policies and do not need advanced capabilities like click-time protection for URLs or attachment sandboxing. PX also does not require MX record changes. Using machine learning, behavioral analytics, and threat intelligence, it blocks sophisticated BEC attacks, phishing, supply chain, and ransomware attacks with the industry’s best efficacy rate (false positives in fewer than 1 in 4 million messages) before they reach the inbox.