Proofpoint: Smart SOAR Integration Guide & Benefits

Platform
- - - Platform
      
      The Smart SOAR platform delivers the automation capabilities you need to outpace and outthink cyber threats.
      
      Smart SOAR for Enterprise
      
      Smart SOAR for MSSP
    - Get started with D3 Security
      
      Want to see us in action? You can get started with SOAR today.
      
      Get Started
Why D3 Security?
- - - Why Smart SOAR?
      
      D3 Security is the leader in security automation and incident response.
      
      Smart SOAR for Enterprise
      
      Smart SOAR for MSSP
    - Get started with D3 Security
      
      Want to see us in action? You can get started with SOAR today.
      
      Get Started
Solutions
- - - Solutions
      
      Next-generation SOAR technology with flexibility and expertise tailored to the needs of your organization.
    - SOAR Implementation Service
    - SOAR Replacement Service
    - Get started with D3 Security
      
      Want to see us in action? You can get started with SOAR today.
      
      Get Started
Partners
- - - Partners
      
      See how D3 Security works with our partners to enable seamless multi-vendor security orchestration and incident response.
    - Integrations
    - Sales Channel
    - Become a Partner
    - Get started with D3 Security
      
      Want to see us in action? You can get started with SOAR today.
      
      Get Started
Resources
- - - Resources
      
      The source for the latest D3 Security content and SOAR reports, including case studies, data sheets, and webinars.
    - Gartner SOAR Market Guide
      
      Learn what Gartner says about SOAR strategies and vendors.
      
      GET NOW
Company
- - - Company
      
      Get a behind-the-scenes look at D3 Security . Learn about our mission, leadership and careers. We’re hiring!
    - Get started with D3 Security
      
      Want to see us in action? You can get started with SOAR today.
      
      Get Started
Get a Demo

Smart SOAR Integration

With a growing volume of cyberattacks, and so many of them starting with email, security teams need tools to keep pace with attackers. That means analysts can’t waste time manually enriching and analyzing every alert. D3 NextGen SOAR provides an end-to-end incident response solution for email-based incidents detected by Proofpoint TAP, and can enrich any incident—regardless of detection source—with Proofpoint’s up-to-the-minute, globally aggregated threat intelligence.

Integration	Capabilities
Proofpoint Targeted Attack Protection	D3 can ingest events from Proofpoint TAP to enrich, investigate, and respond to potential email-based attacks
Proofpoint Emerging Threats Intelligence	D3 users can enrich incidents with domain and IP reputations from Proofpoint ETI

Key Use Case

Potential Phishing Analysis

When a potential phishing attack is escalated to D3 from Proofpoint TAP, D3 extracts all the IOCs from the event, such as the sender’s domain. D3 can then look up those extracted indicators in Proofpoint ETI, other threat intelligence sources, and past incidents to reveal any associated malicious activity. Based on the results, D3 can then trigger a response playbook to block the IP, blacklist the sender, notify the email recipient, and orchestrate any other appropriate actions.

Automated Enrichment

Analysts are expected to rapidly investigate incidents, without compromising the process. For many, this means manually cross-referencing and copying hashes and other data. Over a year in a SOC, this means hundreds of hours per analyst plus some degree of human error. D3 can automatically extract IOCs such as domains and IPs from events and look up their reputations in Proofpoint ETI, enabling instant analysis without changing interfaces.

Meet Our Friends

Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.