Proofpoint Threat Response Auto-Pull

4.1
(11)

Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators to move malicious or unwanted messages to quarantine, after delivery. It follows forwarded mail and distribution lists and creates an auditable activity trail.

Work for Proofpoint Threat Response Auto-Pull?

Learning about Proofpoint Threat Response Auto-Pull?

We can help you find the solution that fits you best.

Proofpoint Threat Response Auto-Pull Reviews

Ask Proofpoint Threat Response Auto-Pull a Question
Write a Review
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • For Category
  • Industry
Ratings
Company Size
User Role
For Category
Industry
Showing 11 Proofpoint Threat Response Auto-Pull reviews
LinkedIn Connections
Proofpoint Threat Response Auto-Pull review by Kyle S.
Kyle S.
Validated Reviewer
Review Source
content

"Great feature"

What do you like best?

This system is pretty cool. It sits as an OVA in our environment and will pull a message out of our Exchange server if a message is later deemed malicious. Not only does it pull from the recipient but it will also pull from anyone that they forwarded the message to. You can also export message from SmartSearch in Proofpoint Protection and import that into TRAP and it will pull all the messages you exported...useful for message that may not be malicious but inadvertently sent. TRAP doesn't care if anyone read the messages, unlike Exchange's built-in retrieval system. It also will tell you if someone read the message or not.

What do you dislike?

I don't like that this isn't controlled from Proofpoint's main interface. I have to log into a separate interface to use this. Also, updates are downloaded from Proofpoint's site and uploaded and run separatly. There's no built-in update agent. It does have two images loaded so if something goes wrong it can be switched back to the working version.

Recommendations to others considering the product

You have to use Impersonation or a service account that has full access to you email users for this to work.

What business problems are you solving with the product? What benefits have you realized?

We benefit from this as message can be pulled automatically or manually if we so choose.

Sign in to G2 to see what your connections have to say about Proofpoint Threat Response Auto-Pull
Proofpoint Threat Response Auto-Pull review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source
content

"TRAP is the missing piece of the phishing response puzzle"

What do you like best?

I like the fact that it automatically pulls bad mail from the inbox. Whether from TAP, or from PhishAlarm Analyzer, the identified threats can be quickly removed from users inboxes.

What do you dislike?

I don't like the duct-tape and bailing wire feel to the products. However, the front-end is really slick and makes up for it.

Recommendations to others considering the product

When configuring the product, be sure to allocate a couple of extra mailbox licenses up front. Also, be sure you know how to define the proper mailbox permissions to impersonate other mailboxes. This is crucial for the quarantine functions.

What business problems are you solving with the product? What benefits have you realized?

If you need to rely on a messaging team to remove mail from users inboxes as part of your Phishing Response plan, then you may have a minimum 1 hour wait time, and usually a couple of day response time. This allows identified phishing or malware emails to automatically be removed.

What Incident Response solution do you use?

Thanks for letting us know!
Proofpoint Threat Response Auto-Pull review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source
content

"Proofpoint TRAP is a must have tool for Network Admins"

What do you like best?

Anyone who is a network admin or tasked with managing email protection knows that one of the hardest tasks is mitigating potential phishing/malware 0-day attack emails after they have been delivered. Proofpoint TRAP (in conjunction with TAP) automatically removes emails that have been discovered to be malicious after they were initially deemed safe. It's the automation of this process that is the best feature of this tool. In addition, the ability to go into Proofpoint Email and Security and generate a CSV of emails, upload this to TRAP, and have TRAP automatically pull these emails from all sources is fantastic. TAP is great, but TAP without TRAP is like pasta without sauce.

What do you dislike?

Not much to dislike really. It is easy to setup and maintain. I guess my only complaint would be that the web app interface could be updated a little to make drilling down into the incidents a little easier (i.e. how the threat levels change over time changes the order incidents are viewed). Otherwise, I find the product to be pretty much as advertised, which is fantastic.

Recommendations to others considering the product

Unless you enjoy manually going into your email environment and managing 0-day malware and phishing campaigns that were not detected at the time of delivery, I'd suggest looking into this product.

What business problems are you solving with the product? What benefits have you realized?

The problem this solves is the issue of how to quarantine and/or delete emails that have already been delivered. Several use cases are possible to solve with TRAP because of the ability to automate the pulling of emails based on threats post delivery. Because this is automated, there is less time spend by IT resources managing this issue manually. And because we use TRAP, emails are usually pulled before the user has a chance to follow a malicious link, or even answer a phishing attempt. This means less chance for a malware outbreak, resulting in potential network downtime and expensive mitigating solutions.

Proofpoint Threat Response Auto-Pull review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source
content

"TRAP is the coolest thing in the history of email security"

What do you like best?

Brand new threat snuck by your security appliance? No worries. As soon as that bad message starts getting detected elsewhere, TRAP will go get it from your users' mailboxes. POOF, it never happened.

What do you dislike?

TRAP makes my life so much easier as an incident responder it could literally punch me in the face and I still wouldn't dislike anything about it.

What business problems are you solving with the product? What benefits have you realized?

Gone are the days of having to beg the Exchange team to run a Powershell script that takes three days to remove messages from mailboxes and still isn't able to report on what got removed. TRAP streamlines our IR workflow like waow and for a small team (like most IR teams!) that's a big thing.

Proofpoint Threat Response Auto-Pull review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source
content

"TRAP is a key piece in our response process dealing with delivered malicious emails"

What do you like best?

It effortlessly does it's job and allows our cyber and IT groups to focus on other more involved incidents.

What do you dislike?

The reporting capabilities of the TRAP need to be enhanced so that custom reports can be created based on more than one attribute or criteria.

Recommendations to others considering the product

Investigate other internal systems that may be able to hook into TRAP to get even more value out of the solution.

What business problems are you solving with the product? What benefits have you realized?

The process of removing malicious emails that were condemned after delivery can now be effortlessly handled with little to no intervention. This same time on IT and Cyber resources. TRAP has also given us the capability to selectively remove other emails without the need to involve IT allowing Cyber to have more autonomy,.

Proofpoint Threat Response Auto-Pull review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source
content

"Threat Response Auto-Pull has given peace of mind"

What do you like best?

It automatically pulls the message from users mailboxes when it determines a message contained a malicious URL or attachment. I can also issue a manual pull, which has been very helpful when an occasional spam message makes it way to a large number of users.

What do you dislike?

The reporting features via .pdf could be improved. The .pdf reports don't have as much detail as the .csv file does and executives like to see graphs and charts versus numbers in a spreadsheet.

Recommendations to others considering the product

This product is a must-have.

What business problems are you solving with the product? What benefits have you realized?

It's prevented multiple phishing attacks. Saved business time by taking automatic corrective action. And it takes corrective action at night, on the weekend, holidays, with no user intervention.

Proofpoint Threat Response Auto-Pull review by Administrator in Information Technology and Services
Administrator in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source
content

"ProofPoint Response survey"

What do you like best?

In depth analysis of threat locationForensic analysis is excellent. Provides a ton of information.

What do you dislike?

Does not always catch the threat before someone clicks on it. Phishing attacks are rampid

Recommendations to others considering the product

It pretty much runs by it's self. A quick steps guide would be helpful. The documentation is long and a lot to digest.

What business problems are you solving with the product? What benefits have you realized?

It notifies me so we can watch and notify the user. That has helped with training our users what to look for and what not to do. We are hit hard with Phishing attacks trying to get user credentials

Proofpoint Threat Response Auto-Pull review by Jennifer P.
Jennifer P.
Validated Reviewer
Review Source
content

"Love Proofpoint TRAP!"

What do you like best?

The auto-pull makes any admin's life so much easier, it even pulls any forwarded messages from mailbox!

What do you dislike?

I don't really have any downsides, you have to setup a service account that has access to your mailboxes but I don't really think that is a negative

Recommendations to others considering the product

Do it!

What business problems are you solving with the product? What benefits have you realized?

Malicious emails sent in the environment are pulled within minutes, even your helpdesk can have rights to do this

Proofpoint Threat Response Auto-Pull review by Administrator in Photography
Administrator in Photography
Validated Reviewer
Verified Current User
Review Source
content

"TRAP is used by us for post malware quarantining."

What do you like best?

The way that TRAP enables us to quarantine TAP, and user reported malware has saved us countless hours from manually quarantining these emails.

What do you dislike?

When navigating "incidents" in TRAP, you cannot save customized views for later use of default use.

Recommendations to others considering the product

Be aware it is only available on VMWare, not Hyper-V.

What business problems are you solving with the product? What benefits have you realized?

Saves us time by not having to manually quarantine malware email.

Proofpoint Threat Response Auto-Pull review by Administrator
Administrator
Validated Reviewer
Review Source
content

"SPAM emails stays away"

What do you like best?

Earlier mail box used to get flooded with spam not anymore

What do you dislike?

customization for content , email or PDF/attachment or links.

Recommendations to others considering the product

Must have

What business problems are you solving with the product? What benefits have you realized?

Hassle free

Proofpoint Threat Response Auto-Pull review by Industry Analyst / Tech Writer in Information Technology and Services
Industry Analyst / Tech Writer in Information Technology and Services
Validated Reviewer
Review Source
content

"Solid product"

What do you like best?

It is a product/solution which is nice to use

What do you dislike?

There is nothing that I can think of as to why I would not like it

What business problems are you solving with the product? What benefits have you realized?

Helps with threat response

Learn more about Proofpoint Threat Response Auto-Pull

Proofpoint Threat Response Auto-Pull Videos

Proofpoint Threat Response Auto-Pull Downloads

Kate from G2

Learning about Proofpoint Threat Response Auto-Pull?

I can help.
* We monitor all Proofpoint Threat Response Auto-Pull reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.