Proofpoint ET PRO LIVE

A timely and accurate rule set for detecting and blocking advanced threats using your existing network security appliances.

Proofpoint ET Pro is a timely and accurate rule set for detecting and blocking advanced threats using your existing network security appliances, such as next generation firewalls (NGFW) and network intrusion detection / prevention systems (IDS/IPS). Updated daily and available in SNORT and Suricata formats, ET Pro covers more than 40 different categories of network behaviors, malware command and control, DoS attacks, botnets, informational events, exploits, vulnerabilities, SCADA network protocols, exploit kit activity, and more.

Today, advanced cyber attack campaigns are perpetrated by a variety of actors with motives ranging from profit to espionage. While the basic tools used to execute these attacks have common elements and are often derived from fewer than 20 known exploit kits, each campaign is unique in its use of botnets, proxies, attack vectors, and command and control systems. Given the dynamic nature of these campaigns, it has become nearly impossible for enterprises to keep pace with the changing threat landscape. That’s where Proofpoint comes in.

Stop threats before they reach your people and respond quickly when things go wrong. OSIgate, integrated with Proofpoint, offers innovative solutions that prevent, detect, and notify you of advanced threats through internet, email, spoofing, mobile, social, and the desktop, and help you resolve them before they cause harm. OSIgate is offering Proofpoint ET integration ...


Proofpoint gives you protection and visibility for your greatest security risk  


Proofpoint provides the most effective security and compliance solutions to protect people on every channel, including email, the web, the cloud, and social media.

 

Threat Protection

Defend your #1 threat vector, stopping malware, credential phishing, and impersonation across email and cloud. Orchestrate responses to detected attacks and get actionable intelligence on who your Very Attacked People (VAPs) are.

Information Protection

Get visibility into where your sensitive data is exposed across email and the cloud. Lock down access to files in the cloud, prevent data loss, and archive email and other communications to stay compliant.

User Protection

Educate your people and reduce risk with advanced threat simulations and security awareness training. Protect them across personal webmail and web browsing.

Ecosystem Protection

Secure the digital channels you don't own. Block imposter attacks and malicious content that uses trusted and lookalike email domains, web domains, and social media handles.

 

 

There are five requirements for producing quality network-based detection in the face of a constantly evolving threat landscape:

  1. Early access to the latest malware samples from around the world.
  2. An automated sandbox environment, capable of evaluating millions of new malware samples per day and capturing the resulting network behavior.
  3. Dedicated focus on detecting the interaction between the compromised organization and the attackers’ command and control systems.
  4. Unwavering commitment to writing and testing high-fidelity detection signatures to minimize false positives.
  5. Daily updates.

Security teams are often dissatisfied with their network IDS/IPS and NGFW deployments due to the overwhelming number of false positives and their inability to notify them when an actual breach takes place. This is because standard IDS/IPS signatures are designed to detect exploits against known vulnerabilities in hosts on the network – even if the systems are patched and not actually vulnerable. Yet, these security platforms are ideally positioned on the network to monitor for malware activity, including stealth communication to and from the remote command and control sites.

ET Pro Ruleset features include:

  • Emphasis on fingerprinting actual malware / C2 / exploit kits, and in-the-wild malicious activity missed by traditional prevention methods.
  • Support for both SNORT and Suricata IDS/IPS formats.
  • Over 37,000 rules in over 40 categories.
  • 10 to 50+ new rules are released each day.
  • Extensive signature descriptions, references, and documentation.
  • Very low false positive rating through the use of state-of-the-art malware sandbox and global sensor network feedback loop.
  • Includes ET Open. ET Pro allows you to benefit from the collective intelligence provided by one of the largest and most active IDS/IPS rule writing communities. Rule submissions are received from all over the world covering never-before-seen threats, all tested by Proofpoint’s ET Labs research team to ensure optimum performance and accurate detection.

Focused Coverage

While the Proofpoint ET Pro Ruleset offers complete coverage for numerous threats, it offers unrivaled network-based detection logic to identify malware command and control communications, known bad landing pages, botnets, communication with drive-by sites and other advanced threats – using your existing IDS/IPS or NGFW platform.

ET Pro Ruleset bolsters your network security platforms with high-fidelity detection of advanced threats, including:

  • All major malware families covered by command and control channel and protocol.
  • Detection across all network-based threat vectors, from SCADA protocols, Web Servers, to the latest client-side attacks served up by exploit kits.
  • The most accurate malware call-back, dropper, command-and-control, obfuscation, exploit-kit related, and exfiltration signatures the industry can offer.
  • Comprehensive rule set also includes coverage for in-the-wild CVE vulnerabilities, including MS MAPP and Patch Tuesday updates.

 


Proofpoint Emerging Threat Protection and Detection via Suricata or Snort

Proofpoint Threat Protection and Detection: detect, research, and respond to threats more quickly, accurately, and confidently with the ET Pro ruleset.

Stop threats before they reach your people and respond quickly when things go wrong. Our innovative solutions prevent, detect, and notify you of advanced threats through email, mobile, social, and the desktop and help you resolve them before they cause lasting harm.

 
  • Detect and stop advanced threats: Prevent known and unknown threats, even those that don't use malware, from reaching your people.
  • Get complete visibility: Get the insight you need to stop and respond to today's advanced threats.
  • Respond quickly to incidents: Avoid alert fatigue. Investigate, prioritize and verify the threats that matter.

OSIgate Global Support 24x7

From initial setup to mission-critical Firewall, SDWAN, NAS HA implementation and support ... 
please call HK: +852 3694 0408, CN: +86.755 25904562 or email to sales_team @ osigate.com for enquiry.