Proofpoint SOARs Above the Rest With Award-Winning Security Orchestration, Automation, and Response

Proofpoint’s Threat Response was named a Gold Winner in the 2019 Cybersecurity Excellence Awards in the Incident Response category. While it is well known in the security space that there is no silver bullet solution for every attack, Proofpoint’s solution aims to reduce the manual labor and guesswork required in times of chaos, helping organizations to resolve incidents more efficiently.

Threat Response is a security orchestration, automation, and response solution designed to manage several crucial steps of the incident management process. The solution is able to ingest security alerts from multiple security tools and endpoint forensics as well as additional context and intelligence from both internal and external sources.

By aggregating and analyzing all of this data, the solution makes it actionable by automating workflows and response procedures, including lists and objects for enforcement. It can integrate with existing security infrastructure to block verified threats and quarantine infected systems and user accounts to minimize the propagation of the incident.

Our Take

While the solution offers significant benefits, there are some potential drawbacks and possible risks to be aware of:

  • Garbage in, garbage out. The solution can be limited by the quality of data that it is given. If your security controls or threat intelligence are not providing accurate data, false positives may lead to extra work, or true positives may be missed, leaving incidents undetected until it’s too late.
  • Better safe than sorry? Quarantining and containing infected systems may result in over-protection at times, which may prevent users outside the scope of the incident from performing their job duties.
  • Too much of a good thing? The automated eradication may resolve the issue too quickly, before it has been fully investigated. As a result, the learning process associated with incident response may be lost. The symptoms of the attack are addressed, but the vulnerabilities that caused it have not necessarily been tackled.

Want to Know More?

Proofpoint – Threat Response

Cybersecurity Excellence Awards – Proofpoint Threat Response
