TrustRadius: an HG Insights company

Proofpoint Insider Threat Management

Score 9.1 out of 10

12 Reviews and Ratings

What is Proofpoint Insider Threat Management?

An Insider Threat Management (ITM) solution, Proofpoint’s ObserveIT ITM (acquired by Proofpoint November 2019) protects against data loss and brand damage involving insiders acting maliciously, negligently, or unknowingly. ObserveIT correlates activity and data movement, enabling security teams to identify user risk, detect insider-led data breaches, and accelerate security incident response.

ObserveIT - Insider Threats Monitoring and Prevention

Use Cases and Deployment Scope

The main reason to use Proofpoint Insider Threat Management is to prevent threats related to intentional or accidental data misuse or exfiltration. It is also a good and efficient solution that can be used for employee education regarding acceptable use.

Pros

  • The primary focus of the solution is to detect data exfiltration, privilege abuse, application misuse, unauthorized access, and risky accidental actions
  • It is capable not only of logging and showing analytics but also of proving accidents via screenshots and screen recordings
  • ObserveIT consists of many well-preconfigured alerts to cover use cases

Cons

  • It can be more affordable
  • Many organizations are not ready to implement insider threat solutions and prefer classic DLP
  • Don't have more dislikes

Most Important Features

  • User Activity Alerts
  • Playing back a user session shows exactly what occurred on-screen

Return on Investment

  • Organization will benefit from DBA activity and Privileged Access analytics
  • Ensures user privacy by anonymizing
  • You get full visibility of insider threats, and the solution can reduce costs by using the out-of-the-box risk activity library

Alternatives Considered

McAfee Total Protection for Data Loss Prevention (DLP) and Forcepoint Data Loss Prevention

Other Software Used

One Identity Safeguard (BalaBit), McAfee Total Protection for Data Loss Prevention (DLP), Logsign

Catch Your Inside Threats!

Pros

  • Takes screen captures of user's activities to understand suspicious activities better.
  • User-friendly management interface makes it better.
  • Ease of upgrading all of the related servers and its agent.

Cons

  • You need to do better optimization work on its database servers. It may cause problems with it working properly.
  • After upgrading its agents, it may give some false positive alerts like "Agent not reporting" while it is reporting.
  • Archiving technology must be improved. When you restart that appliance, it needs more tuning to make it right.

Return on Investment

  • As I previously mentioned, we were able to give more detailed evidence to the Internal/External Audit team. Audit teams were understanding all of the logs better.
  • With a new feature in the newer version, like UEBA, we can find the riskier users by looking at users' suspicious activities. This feature gave ObserveIT more credit at our bank.
  • Actually, there were no negative impacts on our objectives.

Alternatives Considered

Forcepoint Insider Threat

Other Software Used

Symantec Endpoint Protection, CyberArk Privileged Account Security, CyberArk Enterprise Password Vault