ripple

Actionable Insights: Simplifying Threat Explainability via the Condemnation Summary 

Share with your network!

In this blog series we cover how to improve your company’s security posture with actionable insights. Actionable insights are a critical tool to help you improve your security posture and stop initial compromise in the attack chain. You can use them to identify and respond to potential risks, enhance your incident response capabilities, and make more informed security decisions.  

In previous actionable insights blog posts, we covered these topics: 

  1. People risk 
  2. Origin risk 
  3. Business email compromise (BEC) risk 
  4. Ensuring proper risk context 
  5. Risk efficacy 
  6. Telephone-oriented attack delivery (TOAD) risk 
  7. Threat intelligence 
  8. Your risk profile

In this post, we are excited to announce the new TAP Condemnation Summary—which is available to all Proofpoint Targeted Attack Protection (TAP) customers who use the Proofpoint Aegis threat protection platform. We’ll explain why it is an invaluable resource and we’ll explore some of its key reports.  

Threat explainability: Introducing the Condemnation Summary 

In the ever-evolving cybersecurity landscape, clear communication and rapid understanding of email threats are essential. Proofpoint introduced the Condemnation Summary to enhance threat visibility and explain—in plain, everyday language—why a particular threat is condemned.  

The summary makes it easier for both technical and nontechnical users to comprehend email threats. You can find the TAP Condemnation Summary in the Evidence section of the threat details page for any individual threat within your Aegis platform. 

Let’s explore how this new feature can help your business. 

Insights: What you can learn from the Condemnation Summary 

The Condemnation Summary helps demystify email threats and streamline the decision-making process for threat remediation. Here’s what you can expect from this innovative feature. 

User and VIP insights 

The Condemnation Summary includes a highlights card that spotlights impacted users and VIPs. With drilldown options and actionable items, you can quickly determine who is affected. You can use these insights to understand the steps you need to take to mitigate the threat. 

 

Details about affected users shown in the Condemnation Summary. 

Threat state overview 

This section of the summary breaks down the state of the threat or campaign, complete with timestamps. A chronological view provides you with a clear understanding of how the threat evolved, so you can assess its severity and impact. 

 

The threat state overview section in the Condemnation Summary. 

User-friendly descriptions 

The Condemnation Summary offers high-level observations from our behavioral and machine learning detection layers. Threats are described in everyday language. So nontechnical users can better grasp the nature of a threat and its potential consequences. 

 

High-level observations in plain language in the Condemnation Summary. 

Source attribution 

It’s helpful to understand where a threat originated. Condemnation Sources gives you insight into which sources contributed to the detection and condemnation of the threat.  

 

The Condemnation Sources section in the Condemnation Summary. 

Targeted controls: Taking action 

The Condemnation Summary isn’t just a feature for visibility or explainability. It’s a tool for action. Here’s how to make the most of this new feature: 

  • Mitigate threats faster. With user and VIP insights, you can respond promptly to threats that are impacting specific individuals. Take immediate actions to protect these users and mitigate risks. 
  • Improve your communication about threats. The user-friendly descriptions in the Condemnation Summary make it easier to communicate threat details to nontechnical stakeholders. This, in turn, helps to foster better collaboration around security across your business. 
  • See how threats evolve. When you have a timeline of a threat’s progression, you can assess how a threat evolved and whether it is part of a broader campaign. 
  • Track where threats come from. It is crucial to know the sources that contributed to detection of a threat. That detail can help you identify patterns and sources that may indicate you are facing recurring threats. 

Learn more about your company’s specific risks 

The TAP Condemnation Summary is part of the Proofpoint Aegis threat protection platform, which uses data, detection and research to provide actionable insights that can help you form a more complete picture of the threats that your business faces. It also helps you understand the best ways to defend against these threats. 

The Condemnation Summary is a valuable addition to your email security toolkit. It simplifies threat explanations, making them accessible to both technical and nontechnical users. And in an era where effective communication and swift threat response are vital, this feature empowers your business to stay one step ahead of email threats. It can help you understand, communicate and mitigate threats with confidence 

To increase your understanding of the cybersecurity risks your business faces, you can request a free Rapid Email Risk Assessment. Our security experts can help you identify key threats—and show you how to mitigate them. 

Learn more about the TAP Threat Insights Dashboard and actionable insights from Proofpoint.