News
Proofpoint Expands Partner Ecosystem with CyberArk and Imperva
June 2016 by Marc Jacob
Proofpoint, Inc. announced two new relationships, one with CyberArk and one with Imperva, both intended to help joint customers quickly prevent data breaches through tight integrations with Proofpoint’s Threat Response threat management platform. Both relationships are a direct result of Proofpoint’s commitment to aligning with other leading next-generation cybersecurity companies to enable better, collaborative protection.
During a breach, most cybercriminals go after privileged user accounts to access databases and critical information. There is often a period of time between the actual break-in and when the attacker explores systems, locates sensitive data, attempts to access internal systems—and when the attacker ultimately steals information. It is essential that security teams act immediately to stop the attacker during the gap between compromise and attempted escape.
Proofpoint Threat Response, which provides automated incident response within a threat management platform, allows security teams to quickly identify compromised users who have access to privileged accounts, take immediate action to quarantine their critical access and prevent an attack from becoming a successful breach. Proofpoint’s integrations with CyberArk and Imperva enable joint customers to automatically push quarantine group policy changes into each respective system, drastically reducing the window of opportunity for the attacker.
Proofpoint Threat Response is the first threat management platform to provide security teams with the situational awareness to understand their most pressing threats and the tools to act quickly to remedy them. The platform automates incident response, correlates security alerts with rich contextual data to create actionable intelligence, confirms system infections, and enforces protections automatically or with the push of a button. Alert sources include Proofpoint Targeted Attack Protection, FireEye MPS, Palo Alto Networks WildFire, HP ArcSight, QRadar/Juniper STRM, Splunk, Cisco FirePOWER NGIPS and Suricata.
Armed with Proofpoint Threat Response insight, a cyber defender can quarantine a suspected spearphished user. When that quarantined user tries to utilize privileged credentials, the CyberArk Privileged Account Security Solution can immediately implement higher security controls around that user’s privileged access rights and capabilities on critical assets.
The integration between Proofpoint Threat Response and the CyberArk Solution helps mitigate the risk of a potential breach by making it difficult for attackers to access an organization’s IT infrastructure, disable security controls, steal confidential information, commit financial fraud and disrupt operations.
Imperva and Proofpoint Threat Response customers can also proactively pinpoint a database administrator (DBA) compromise and automatically lock that DBA’s credentials. The integration enables Imperva SecureSphere to incorporate Proofpoint Threat Response findings into any SecureSphere policy, providing an orchestrated response. For example, SecureSphere can dynamically block the DBA from accessing any data directly at the database level.
Proofpoint’s ecosystem integrations are powered by the Proofpoint Nexus platform, which correlates hundreds of billions of data points from email, social, mobile and web-based threats.
