Proofpoint Leverages AI to Extend Scope of Cybersecurity Reach
Proofpoint has expanded its ability to thwart multistage cyberattacks spanning multiple communications channels while at the same time extending its reach into data security posture management (DSPM).
Tim Choi, group vice president, product marketing for Proofpoint, said the Proofpoint Prime Threat Protection platform leverages an existing Nexus artificial intelligence (AI) engine to detect threats across multiple communication and digital channels, to thwart social engineering attacks in real time that may have initially begun in an email but were later shifted to, for example, an online collaboration service.
It also combines email authentication, brand protection and takedown services into a single system that protects trusted domains against domain spoofing and malicious lookalikes.
Additionally, the platform is able to identify and remediate account takeovers, thwart lateral movement, and provide guidance to help end users recognize these types of attacks in the future, he added.
It also serves to reduce the total cost of cybersecurity by reducing the need for bespoke cybersecurity tools for each communications medium employed, said Choi.
The overall goal is to improve the ability of organizations to defend end users against increasingly sophisticated cyberattacks. For example, a report published today by Proofpoint notes 25% of all state-sponsored phishing campaigns now begin with “benign” emails to build trust, with 90% of these messages pretending to be someone interested in collaboration and engagement.
Proofpoint also plans to shortly extend the reach of its Nexus AI platform to incorporate agents that will be able to, for example, surface anomalous activity requiring additional forensic investigation, he added.
Meanwhile, Proofpoint, following its acquisition of Normalyze last year, will, starting this summer, integrate DSPM into its data loss prevention (DLP) platform. Rather than requiring cybersecurity teams to acquire separate DLP and DSPM platforms, Proofpoint is again integrating logical security functions in a single platform that leverages its Nexus AI platform, said Choi.
DSPM emerged earlier this decade to describe a set of tools and practices that provide visibility as to where sensitive data is, who has access to that data, how it has been used by what applications. As data security continues to evolve, however, it’s become apparent that the DSPM and DLP are now extensions of one another, noted Choi.
As part of that effort, Proofpoint is also adding a unified policy engine that, in addition to addressing DSPM and DLP requirements, also enables organizations to better manage insider threats. Additionally, Proofpoint is adding behavior-based and content-centric controls that make it simpler to track data lineage along with an ability to reset excessive privileges that might have been granted to an end user or application.
Finally, Proofpoint has extended its AI engine to drive a series of AI agents that have been trained to automate data classification to make it easier to identify sensitive data. Additional AI agents are planned for the future, said Choi.
It’s not clear to what degree cybersecurity teams are embracing AI, but at the very least, the amount of toil that conspires to burn these teams out should soon be dramatically reduced. The challenge, as always, is justifying the level of investment required to achieve that goal, even though it seems that adversaries have no such financial limitations to consider before making their own investments in AI.
