Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for ProofPoint Meta

thank you

Thank you!

We got your information.

ProofPoint Meta
ProofPoint Meta icon

Coralogix Extension For ProofPoint Meta Includes:

Alerts - 4

Stay on top of ProofPoint Meta key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Proofpoint Meta - More than 3 failed login attempts

This rule monitors unsuccessful login attempts and triggers alert on more than 3 failed login attempts under 5 minutes. Impact Many failed login attempt in a short time frame might indicate a brute force attack against the relevant account. Mitigation Implement rate limit at the unsuccessful login attempts. MITRE Tactic: TA0006 MITRE Technique: T1110

Proofpoint Meta - Detected user login after 1 month

This rule monitors user login after one month of inactivity. This alert is triggered when a user logs in after 1 month of no logins. Impact An adversary may gain access with the archived credential of the dormant user. Mitigation Investigate the new login and validate the user and the action performed were authorized. MITRE Technique: T1098

Proofpoint Meta - More than usual 4XX error code received

This rule monitors if notify/create/delete action request results in returning 4XX error code. Impact Many forbidden attempt in a short time frame might indicate a brute force attack against the relevant account. Mitigation Investigate the unsuccessful notify/create/delete action request results in returning 4XX error code MITRE Tactic: TA0006 MITRE Technique: T1110

Proofpoint Meta - Delete action detected

This rule monitors delete action and triggers an alert on more than 10 delete action by the same user under 5 minutes as this could be an indicator of malicious activity. Impact More than 10 delete action by the same user as this could be an indicator of malicious activity. Mitigation Validate that the action was approved and investigate further and revert changes if not. MITRE Tactic: TA0040 MITRE Technique: T1531

Integration

Learn more about Coralogix's out-of-the-box integration with ProofPoint Meta in our documentation.

Read More
Schedule Demo