Proofpoint Threat Intelligence Integration with Threater

Today’s advanced attacks are launched with increasing frequency by cyber criminals who have many different motives. Some focus on making a profit, and some engage in espionage. The tools they use in these attacks have things in common. But each campaign uses botnets, proxies, attack vectors and command and control systems in a unique way. This makes it nearly impossible to keep pace with changes in the threat landscape.

Benefits

Better protect your network from Domains and IPs associated with malware delivery, command and control, botnets, credential phishing, ransomware and coin-mining, attack spread and exploit kits.

Proofpoint Emerging Threats Intelligence automatically updated in Threater platform ensuring protection is always

Easy and fast deployment via Threater Intelligence Marketplace.

Proofpoint Emerging Threats Intelligence

Proofpoint Emerging Threat (ET) Intelligence is the industry’s most timely and accurate source of threat intelligence. It combines actionable information, including up-to-the-minute IP and domain reputation feeds, with a database of globally observed threats and malware analysis. And it gives your security team the intelligence they need to stop malicious attacks and the context to investigate them.

Proofpoint Emerging Threats intelligence comes from direct observation that is updated in real time. This provides you with the actionable intelligence to combat today’s emerging threats.

Proofpoint ET Labs’ team of dedicated threat researchers and analytics systems do the work—so you don’t have to. They provide 100% originally sourced threat intelligence on malware delivery, command and control, botnets, credential phishing, ransomware and coin-mining, attack spread and exploit kits.

The Proofpoint ET Intelligence subscription on the Threater Intelligence Marketplace includes both an IP Threat List and a Domain Denied List.

Intelligence Collection Approach

We start with known malware and passive DNS telemetry to identify DGA domains, sinkholes, and malware and phishing domains through our analytic and machine-learning layers. The data is restricted to currently relevant threats only; historical or otherwise inactive campaigns are removed. The data is then run through a unique curation layer that has multiple levels of white-listing and curation to avoid false positives. This helps ensure the data is clean, highly actionable, and optimized for blocking at the perimeter to protect against entire malware families and campaigns.

The threat research team constantly combs through our data and public reports to identify new malware families, campaigns, and techniques for finding new or otherwise undetected threats, keeping the data relevant and fresh. The system is frequently updated as new techniques are identified or new machine-learning models are created to increase visibility into the threat landscape.
