Proofpoint TAP Intelligence

Updated 3 weeks ago by Sachit Soni

This document describes how to set up and use Proofpoint Targeted Attack Protection (TAP) with TruSTAR Station.

Proofpoint TAP helps you stay ahead of attackers with an innovative approach that detects, analyzes, and blocks advanced threats before they reach your inbox. These advanced threats include ransomware and other advanced email threats delivered through malicious attachments and URLs.

  • Source Type: Premium Intel
  • Update Type: Feed-based
  • Time to Install: 10 minutes

Data Types

The integration pulls the following information from Proofpoint:

  • Email addresses
  • Hashes
  • IPs
  • URLs
  • Softwares

Requirements

  • A subscription to Proofpoint TAP Intelligence
  • Proofpoint API ID
  • Proofpoint API Secret
TruSTAR Admin rights are required to activate this Premium Intel feed.

Getting Started

  1. Log into TruSTAR Station.
  2. Click the Marketplace icon on the left side icon list.
  3. Choose Closed Source.
  4. Click Subscribe on the Proofpoint TAP Intelligence box.
  5. Enter your Proofpoint TAP Intelligence credentials and click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

TruSTAR Report Mapping

Field 

Explanation

Report Title

<Report Title> (Clicks blocked) : 

<Report Title> (Clicks delivered) :

<Report Title> (Messages blocked) :

<Report Title> (Messages delivered):

Report Body

Full JSON response

Client Type

PYTHON SDK

Client Meta Tag

Proofpoint_tap

Known Issues

No reported issues.

Please reach out to support@trustar.co if you have issues with this integration.


How Did We Do?