at Financial Technnology Year
This content is provided by FinTechBenchmarker.com who are responsible for the content. Please contact them if you have any questions.
Proofpoint Email Protection from Proofpoint
A comprehensive email security solution that prevents phishing attacks, business email compromise, and malware. Features include email authentication, URL defense, attachment defense, and threat intelligence specifically tailored for the financial industry's threat landscape.
Product analysis by function
Cybersecurity Solutions for IT and Infrastructure
Systems that protect the bank's information assets from cyber threats and ensure secure banking operations.
More Cybersecurity Solutions
More IT and Infrastructure ...
Access Control
(8 Yes /8 Known /11 Possible features)
|
Multi-factor Authentication Requires multiple forms of verification before granting access. |
Proofpoint Email Protection supports multi-factor authentication for administrative access and user portals, as indicated in technical documentation and compliance datasheets. | |
|
Role-Based Access Control Grants permissions based on user roles and responsibilities. |
Role-based access control (RBAC) is explicitly listed as a feature in Proofpoint’s admin guide—permission levels are customizable per admin role. | |
|
Single Sign-On (SSO) Allows users to authenticate once for multiple applications. |
Proofpoint supports SAML-based SSO integration, as found on its integrations documentation page. | |
|
Access Logging Records all access attempts for audit trails. |
Access and activity logging features are standard for Proofpoint Email Protection, used for audit and compliance. | |
|
Privileged Account Management Controls and monitors elevated permissions. |
Administrator permissions for privileged accounts are configurable and regularly monitored, as detailed in product best practices. | |
|
User Session Timeout Automatically terminates inactive sessions. |
Session management allows for automatic user session timeout—a standard Proofpoint feature for security. | |
|
Device Whitelisting Restricts access to approved devices only. |
No information available | |
|
Granular Permission Levels Supports fine-grained permissions per function. |
Granular permission levels are supported, as seen in the admin manual and user interface options. | |
|
API Key Management Secures and controls access to APIs. |
API key management is documented explicitly for integration and automation use-cases. | |
|
Geolocation-based Access Restrictions Limits access based on user's physical or network location. |
No information available | |
|
Number of Supported Authentication Methods The total number of different authentication methods available (e.g., biometric, SMS OTP, hardware key, etc.). |
No information available |
Data Protection
(5 Yes /6 Known /10 Possible features)
|
End-to-End Encryption Encrypts data during all states and transfers. |
Proofpoint encrypts email data in transit and at rest using strong protocols—third-party audits and datasheets confirm end-to-end encryption. | |
|
Database Encryption Encrypts stored data in databases. |
Email, metadata, and logs are encrypted at rest in the Proofpoint platform, as per compliance documentation. | |
|
File Integrity Monitoring Detects unauthorized changes to critical files. |
No information available | |
|
Data Masking Obfuscates sensitive data in non-production environments. |
No information available | |
|
Tokenization Replaces sensitive information with random tokens. |
No information available | |
|
Data Loss Prevention (DLP) Prevents unauthorized data transfer or loss. |
Data Loss Prevention (DLP) is a core component of Proofpoint Email Protection, providing configurable rules for various data exfiltration scenarios. | |
|
Data Backup Frequency Frequency at which backups of critical data are performed. |
No information available | |
|
Audit Logging Maintains comprehensive logs of data access and changes. |
Extensive audit logs are maintained for all user access, configuration changes, and email processing events. | |
|
Automated Key Rotation Automatically rotates cryptographic keys at defined intervals. |
Not as far as we are aware.* No direct feature for automated key rotation is documented for customers; managed encryption keys are rotated by Proofpoint according to their internal schedule. | |
|
Retention Policy Management Controls how long data is kept and when it is deleted. |
Retention policies for logs and quarantined data can be set and managed in the product. |
Network Security
(2 Yes /2 Known /10 Possible features)
|
Firewall Provides perimeter security by filtering incoming and outgoing network traffic. |
No information available | |
|
Intrusion Detection System (IDS) Monitors and detects malicious network activity. |
No information available | |
|
Intrusion Prevention System (IPS) Blocks and prevents detected threats. |
No information available | |
|
Virtual Private Network (VPN) Secures remote access to banking resources. |
No information available | |
|
Network Segmentation Divides the network into separate zones for better security. |
No information available | |
|
Distributed Denial of Service (DDoS) Protection Detects and mitigates DDoS attacks. |
Proofpoint provides DDoS protection for its cloud service, referenced in uptime and availability documentation. | |
|
Deep Packet Inspection Examines traffic for threats beyond simple packet headers. |
No information available | |
|
Encrypted Network Traffic Ensures all internal and external communication is encrypted. |
All network communications to and from Proofpoint are encrypted (TLS 1.2/1.3), shown in security whitepapers. | |
|
Bandwidth Monitoring Monitors bandwidth utilization for anomalies. |
No information available | |
|
Network Traffic Analysis Capability The number of simultaneous connections that can be analyzed. |
No information available |
Threat Detection and Response
(5 Yes /5 Known /10 Possible features)
|
Security Information and Event Management (SIEM) Aggregates, analyzes, and alerts on security events. |
No information available | |
|
Automatic Threat Remediation Responds to detected threats without manual intervention. |
Automatic remediation actions, such as message quarantine and user warning, are part of Proofpoint’s anti-phishing response pipeline. | |
|
Real-time Alerting Notifies security personnel immediately upon threat detection. |
Proofpoint’s alerting system provides real-time notifications of threats and events. | |
|
Threat Intelligence Integration Ingests external threat intelligence feeds. |
Threat intelligence feeds from Proofpoint and partners are used to update detection logic; this is a highlighted platform feature. | |
|
Incident Response Playbooks Provides pre-defined procedures for common security incidents. |
Incident response playbooks and automated actions are integrated for common email threats. | |
|
Threat Simulation and Red Team Testing Supports simulated attacks for evaluation. |
No information available | |
|
False Positive Rate The percentage of security alerts that are determined to be benign. |
No information available | |
|
Time to Detect Average time between threat occurrence and detection. |
No information available | |
|
Time to Respond Average time between detection and mitigation. |
No information available | |
|
Automated Compliance Reporting Generates regulatory and incident response reports automatically. |
Automated compliance reporting is available for major standards (GDPR, SOX, etc.). |
Endpoint Security
(1 Yes /1 Known /10 Possible features)
|
Endpoint Detection and Response (EDR) Monitors endpoints for threats and suspicious activity. |
No information available | |
|
Anti-malware Protection Prevents malicious software from infecting endpoints. |
Proofpoint scans inbound and outbound attachments and links for malware using multiple AV engines and sandboxing. | |
|
Device Control Restricts usage of external devices like USB drives. |
No information available | |
|
Patch Management Automates the distribution of security updates. |
No information available | |
|
Mobile Device Management (MDM) Secures and manages mobile endpoints. |
No information available | |
|
Remote Wipe Capability Erases data from lost or stolen devices remotely. |
No information available | |
|
Application Whitelisting/Blacklisting Controls which applications can be installed or run. |
No information available | |
|
Endpoint Isolation Allows quick quarantine of compromised devices. |
No information available | |
|
Number of Devices Supported Maximum number of endpoints protected by the solution. |
No information available | |
|
Endpoint Policy Enforcement Automatically enforces security policies on all endpoints. |
No information available |
Fraud Detection and Prevention
(5 Yes /5 Known /10 Possible features)
|
Behavioral Analytics Analyzes user behavior for anomalies indicative of fraud. |
No information available | |
|
Transaction Monitoring Monitors transactions in real time for suspicious patterns. |
Real-time monitoring of inbound and outbound email traffic for suspicious content and anomalous activity is a foundational function. | |
|
Machine Learning Models Uses AI models to identify emerging fraud techniques. |
No information available | |
|
Geolocation Verification Checks if transactions originate from expected regions. |
Geolocation verification for logins and message sources is available for risk assessment. | |
|
Device Fingerprinting Identifies repeat or suspicious devices. |
Device fingerprinting for access events and anomaly detection (not tied to endpoint DLP, but to email access and authentication). | |
|
Case Management Tracks fraud investigation from detection to closure. |
Case management for threat and fraud cases is included as a workflow in the admin console. | |
|
Rule-based Alerts Generates alerts based on pre-set fraud rules. |
Fraud detection alerts can be rule-based and are fully configurable by administrators. | |
|
False Positive Rate Percentage of transactions erroneously flagged as fraud. |
No information available | |
|
Detection Speed Average time taken to detect suspicious activities. |
No information available | |
|
Integration with Core Banking Systems Supports real-time integration with existing banking infrastructure. |
No information available |
Application Security
(4 Yes /4 Known /10 Possible features)
|
Web Application Firewall (WAF) Protects web applications from common exploits. |
No information available | |
|
Vulnerability Scanning Regularly scans for known security weaknesses. |
Proofpoint offers regular vulnerability scanning for their SaaS application infrastructure. | |
|
Secure Coding Standards Enforcement Ensures adherence to secure development practices. |
No information available | |
|
Regular Penetration Testing Conducts simulated attacks to find weaknesses. |
As an enterprise cloud product, regular external penetration tests are conducted and summarized in compliance documentation. | |
|
Automated Patch Deployment Deploys application security patches automatically. |
No information available | |
|
Code Obfuscation Makes application source code harder to reverse-engineer. |
No information available | |
|
Session Management Security Protects active user sessions against hijacking. |
Session tokens are managed securely and session management is called out as a product security function. | |
|
API Security Controls Protects and monitors API endpoints. |
API security controls include authentication, rate limiting, and monitoring for API abuse. | |
|
Number of Supported Programming Languages The range of programming frameworks or languages natively supported for secure app development. |
No information available | |
|
Dynamic Application Security Testing (DAST) Integration Integrates tools for runtime security testing of applications. |
No information available |
Regulatory Compliance
(6 Yes /6 Known /10 Possible features)
|
Prebuilt Compliance Reporting Offers reports tailored for key banking regulations. |
Proofpoint provides audit-ready reports for industry-specific regulations including financial sector requirements. | |
|
Automated Policy Management Automates the application and monitoring of compliance policies. |
The product can enforce and automate compliance policies for email use and data retention. | |
|
Audit Trail Management Maintains immutable logs for audit purposes. |
Immutable audit trails are generated for email flow, admin actions, and user events. | |
|
Regulatory Change Monitoring Tracks changes in relevant regulations and standards. |
No information available | |
|
Self-assessment Tools Allows internal audits for compliance readiness. |
No information available | |
|
Compliance Workflow Automation Automates workflows to meet compliance requirements. |
Compliance processes including eDiscovery and retention can be automated based on workflow. | |
|
Data Residency Controls Specifies where data can be stored based on regulations. |
No information available | |
|
Regulatory Coverage Number of major regulations covered out-of-the-box. |
No information available | |
|
Retention Policy Automation Automatically applies data retention and deletion policies. |
Retention policies are enforced on email logs and quarantined data automatically. | |
|
Secure Document Management Secure storage and retrieval of compliance documentation. |
Compliance documentation storage and retrieval is available for audit purposes. |
Identity and Access Management (IAM)
(7 Yes /7 Known /10 Possible features)
|
Centralized User Directory Maintains a single source of truth for user authentication. |
Proofpoint maintains a centralized directory for email user authentication and policy application. | |
|
Self-service Password Reset Allows users to reset passwords without admin assistance. |
Self-service password reset options are provided for end-users. | |
|
User Provisioning and Deprovisioning Automates onboarding and offboarding staff access. |
User access provisioning and deprovisioning integrates with central IT or directory infrastructure. | |
|
Federated Identity Support Allows use of external identity providers (SAML, OAuth, etc.). |
Federated identity providers including SAML and Azure AD are supported. | |
|
Access Certification Regularly reviews and certifies user privileges. |
No information available | |
|
Credential Encryption Ensures user credentials are encrypted at rest and in transit. |
All stored credentials are encrypted at rest; see third-party attestations (SOC 2, ISO 27001) and product architecture. | |
|
Group Management Supports management of user groups and access policies. |
Group-based access management is configurable in Proofpoint admin interface. | |
|
Identity Federation Integrations Number of external identity federations supported. |
No information available | |
|
Password Policy Enforcement Automatically applies strong password requirements. |
Password strength requirements and rotation policies are enforced and configurable. | |
|
User Access Review Automation Automates periodic reviews of user access rights. |
No information available |
Monitoring and Reporting
(7 Yes /7 Known /10 Possible features)
|
Real-time Dashboards Visualizes live security and system data. |
Dashboards in the admin portal provide real-time statistics and threat insight. | |
|
Customizable Reports Allows users to define and schedule security and compliance reports. |
Security and access reports are fully customizable and schedulable. | |
|
Alert Threshold Customization Enables setting of specific alert thresholds. |
Thresholds for various threat and DLP alerts are configurable. | |
|
Historical Data Retention Keeps historical security data for analysis. |
Historical logs and reports can be retained long-term, as set by the organization's policy. | |
|
Audit Log Integration Centralizes logs from various sources. |
No information available | |
|
Automated Reporting Frequency How often reports are automatically generated. |
No information available | |
|
User Activity Monitoring Tracks user activities for policy violations. |
User activity is monitored and analyzed for policy violations—core part of abuse and fraud detection. | |
|
Custom Alert Channels Supports multiple channels for alerting (email, SMS, app). |
Alerting via email, SMS, or connected applications (APIs, SIEM integration) is supported. | |
|
Third-party Log Integration Integrates with external log and monitoring providers. |
Third-party log integration for SIEM and monitoring tools is available (Splunk, QRadar, etc.). | |
|
Report Retention Period Length of time reports are stored and accessible. |
No information available |
Resilience and Recovery
(7 Yes /7 Known /10 Possible features)
|
Disaster Recovery Planning Provides tools for planning and testing disaster recovery. |
Disaster recovery and business continuity, with geographically diverse datacenters and tested disaster plans, are referenced in Proofpoint’s compliance and technical documentation. | |
|
Business Continuity Management Ensures continued operations during disruptions. |
Business continuity measures are outlined for Proofpoint’s SaaS platform and guarantee continued operation in the event of outages. | |
|
Automated System Failover Automatically switches to backup systems on failure. |
Failover and redundancy are core tenets of Proofpoint’s architecture, supporting high availablility and automated failover. | |
|
Backup and Restore Automation Automates data and system backup/restore processes. |
Backup and restore are automated within the SaaS platform, ensuring swift recovery. | |
|
Ransomware Recovery Supports fast recovery from ransomware attacks. |
Proofpoint documents its ability to help organizations quickly recover from ransomware via robust backup and message retention solutions. | |
|
Recovery Time Objective (RTO) Target time to restore function after disruption. |
No information available | |
|
Recovery Point Objective (RPO) Maximum acceptable amount of data loss after an incident. |
No information available | |
|
Resilience Testing Support Enables regular testing of resilience and recovery plans. |
The SaaS system is subject to regular recovery and resilience testing, as per compliance attestations. | |
|
Automated System Health Checks Monitors backup and resilience readiness automatically. |
Automated backup verifications and system health checks are performed and summarized in SLA documentation. | |
|
Service Level Agreement (SLA) Monitoring Tracks compliance with recovery SLAs. |
No information available |
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.