Skip to content
English
Contact Support
  • There are no suggestions because the search field is empty.

Integrating Proofpoint TRAP with Dune Security

Share TRAP report data with Dune Security

Integrating Proofpoint Targeted Attack Protection (TRAP) with Dune Security allows organizations to automatically forward simulated phishing attack from users to Dune Security for real-time analysis and risk adjustment. This integration is critical to improving user behavior insights, enhancing security training, and dynamically lowering risk scores for employees who report phishing attempts.

By setting up an automatic forwarding rule in Proofpoint TRAP, phishing reports are seamlessly shared with Dune Security, ensuring users’ vigilance is rewarded while improving the organization’s overall risk posture.

Why Integrate Proofpoint TRAP with Dune Security?

1.Enhance User Risk Scores: Automatically adjust user risk scores in Dune Security based on proactive behavior like phishing reporting.

2.Streamline Phishing Analysis: Centralize phishing incident reporting to Dune’s AI-driven platform for better decision-making and training adjustments.

3.Strengthen Organizational Security: Encourage end-user vigilance, creating a stronger first line of defense.

Steps to Set Up Integration

Step 1: Access Proofpoint TRAP Admin Console

1.Log in to your Proofpoint Threat Response admin account.

Step 2: Create a List

1. Navigate to the Responses section under the Admin Console and select Lists.

2. Select New List

3. Add the following information for the New List

  • List Name: Dune Security Domains
  • Description: List of domains that Dune Security sends phishing simulations from
  • Message attribute: Message Sender Address
  • Entries: Add the list of domains (one per line) linked here with no quotations, periods, commas or asterisk
    • Example: enterprise-support-desk.com

4. Click Create

Step 2: Create an Automatic Forwarding Rule

1.Locate Rules Configuration:

  • In the Automation Workflows section, click New Workflow or navigate to an existing forwarding rule for modification. 
  • Ensure that the Automation Workflow is for when CLEAR Analysis is Completed

2.Add Conditions:

Configure If condition that includes the following information:

    • Attribute: Message Sender Address
    • OperatorValues in a list contains any of (may have to scroll down for this option)
    • Select a list: Dune Security Domains
  • Select Save

3.Add Response:

  • Add a Send Email Notification 
  • Set Recipient(s) to Users on a Specific Team... 
  • Under Additional recipient(s) add the following email: secops@dunewatchtower.com
  • Select "Include the Original Message as an EML Attachment"
  • Optional: You may also include a Send Email Notification to Message Reporter to congratulate the user on reporting a simulated attack.

4.Save the Rule:

•Click Save Rule and ensure the Rule is Enabled

Step 3: Test Functionality

Contact your Customer Success Engineer or support@dune.security to test this integration.