TrustRadius: an HG Insights company
Back to Overview
Proofpoint Threat Response Auto-Pull Logo

Proofpoint Threat Response Auto-Pull Reviews and Ratings

Rating: 8 out of 10
Score
8 out of 10

Community insights

TrustRadius Insights for Proofpoint Threat Response Auto-Pull are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Business Problems Solved

TRAP, or Targeted Attack Protection, offers a range of features that address various email security challenges. One significant use case is the ability for users to manually review and analyze email headers, enabling them to gain deeper insights into system dispositions. This allows for a more comprehensive understanding of incoming emails and helps identify potential threats.

Another key use case is the flexibility TRAP provides in managing emails. Users have the option to automate or manually pull messages, giving them greater control over their inbox management. This feature proves invaluable by saving time and eliminating the need to wait for the email team's response.

Additionally, TRAP streamlines incident response workflows by automating the process of pulling threat and spam emails. By doing so, it significantly improves response time and network security while preventing users from inadvertently opening malicious content. The software removes identified phishing or malware emails automatically, saving manual effort and reducing the chance of malware outbreaks and network downtime.

Moreover, TRAP enhances threat response by automatically quarantining threats and sending them to a designated mailbox. This extra layer of protection adds an additional level of security by reducing user vulnerability to email threats.

The software also offers unique capabilities such as functioning as a message recall service, allowing users to retrieve messages from their mailbox that were already sent—an advantage not found in Microsoft's message recall feature. Furthermore, TRAP assists in educating users about identifying and avoiding phishing attacks by notifying them when potential threats are detected.

Overall, TRAP proves valuable across organizations of all sizes. It saves time on quarantining and evaluating user-submitted emails, making it highly beneficial during security tests. The software remains an essential tool for security incident response, automatically pulling messages from mailboxes and preventing trouble. Its targeted attack protection module is particularly useful for addressing spear phishing incidents effectively.

Reviews

4 Reviews

Very happy with my TRAP appliance

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

TRAP is being used across our whole organization. We use it in conjunction with PPS, TAP, and PSAT with CLEAR. It saves us about 5 - 10 hours per week quarantining emails and evaluating user-submitted emails. We have auto-response templates set up so that user-submitted emails will automatically be replied to with the verdict of their submission.

Pros

  • It will automatically pull malicious emails from users' mailboxes if they are not detected first by PPS.
  • It will evaluate user-submitted suspect phishing emails and reply to the users with the result of the evaluation.
  • It will pull emails from users per an admin-submitted CVS file of emails we want to pull.
  • It informs admins of the status of its email investigations.

Cons

  • Would like an Azure virtual machine version of it. Currently, it's only supported on VMware and AWS.
  • Configuring authentication certificates on it is not easy.
  • It does not work with RSASSA-PSS signed certificates.

Likelihood to Recommend

If your email admins spend time manually pulling malicious emails, this tool will save them countless hours of work and will do it for them 24 x 7. So if a user receives a malicious email after-hours, TRAP will auto pull it from the affected user's mailbox and potentially save you from an IT disaster.

CB
Chris Bash
IS Systems Analyst in Information Technology at Kodak alaris (1001-5000 employees)
Vetted Review
Proofpoint Threat Response Auto-Pull
3 years of experience
View profile

Excellent last-defense for malicious email

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

Proofpoint Threat Response Auto-Pull is a lifesaver if all "pro-active" controls fail. It will auto pull messages automatically from users' mailboxes, instructed by the "Targeted Attack Protection" module of Proofpoint. Especially with (spear) phishing, you can prevent a lot of trouble. This is all automatic, although if you really want, you can upload a CSV with the list of messages you want auto pulled.

Pros

  • Auto pull works great, even with our hybrid situation with 2 on premise exchange organizations.
  • Reporting is good, nice graphs of all the actions.

Cons

  • As threat response auto-pull uses a subset of the full threat response product, the GUI is too bloated.
  • It is still only an on premise VM, still waiting for a cloud version.

Likelihood to Recommend

It is very well suited for any organization, though the pricing is more for larger organizations. Having auto pull available means you have fewer worries that phishing emails end up in users' mailboxes.

VU
Verified User
Professional in Information Technology (1001-5000 employees)
Vetted Review
Proofpoint Threat Response Auto-Pull
2 years of experience

Proofpoint TRAP - Pull malicious emails

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Proofpoint TRAP is being used across the entire organization currently. It is deployed centrally and in use across 4 countries. As it is an international product we have a Proofpoint trained team looking after it.

We've found Proofpoint TRAP to be very beneficial to the company so far, it helped us immensely during our last security test.

Pros

  • Automatically pulling malicious emails from users inboxes.
  • Low admin intervention.
  • Reducing remediation time on malicious emails.

Cons

  • Learning curve is steep.
  • Interface can be clunky.
  • Some interface items seem counter-intuitive.

Likelihood to Recommend

Proofpoint TRAP can benefit any company in most scenarios. When used in conjunction with Proofpoint's main offering it is extremely powerful and reduces malicious email being delivered to almost zero.

And emails that do get delivered it is unsure about are cloned then detonated in a sandbox to see the impact and if it is then found to be malicious it will pull these mails from the user's inbox. With no interaction from administrators.

FC
Fraser Clark
Network Engineer in Information Technology at People's Postcode Lottery (201-500 employees)
Vetted Review
Proofpoint Threat Response Auto-Pull
1 year of experience
View profile

TRAP helps me sleep at night

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

We use TRAP enterprise-wide to help remove malicious messages from users' mailboxes. When a brand new threat sneaks by our email security appliance it's far less of a worry since TRAP will pull messages from mailboxes as soon as it starts detecting them!

Update, 6 months later: Proofpoint TRAP remains the MOST HELPFUL tool I've ever used for security incident response.

Pros

  • Finds malicious messages in users mailboxes that were not previously detected.
  • Gives good data about messages post-detection.
  • Integrates with AD.

Cons

  • Removing messages from mailboxes manually requires uploading a CSV in a particular format. More flexibility here would be great.

Likelihood to Recommend

Incident response teams will see the most benefit from TRAP. Exchange teams will love it too because it means fewer exercises in Powershell message removal scripts.

VU
Verified User
Engineer in Information Technology (5001-10,000 employees)
Vetted Review
Proofpoint Threat Response Auto-Pull
1 year of experience