Proofpoint

In this guide, you will configure the Proofpoint data connector to send click activity into Radiant Security. This gives visibility into phishing links accessed from unmanaged devices, helping identify users who clicked from personal machines and enabling more complete investigations.

At the end of this configuration, you will provide Radiant Security with these values:

• Service Principal

• Secret

• Console URL

To configure the Proofpoint action connector, check out the Proofpoint action connector guide.

Generate Proofpoint TAP service credentials

1. Sign in to the TAP dashboard.

2. Navigate to Settings > Connected Applications.

3. Click Create New Credential.

4. Name the new credential and click Generate.

5. Copy the Service Principal and Secret values from the prompt. You’ll provide these values to Radiant Security in the next section.

Add the data connector in Radiant Security

1. Log in to Radiant Security.

2. From the navigation menu, select Settings > Data Connector and click + Add Connector.

3. Select the Proofpoint API v2 vendor from the list and then click Data Feeds.

4. Under Select your data feeds, select URL Defense and click Credentials.

5. Under Credential Name, give the credential an identifiable name (e.g.Proofpoint Credentials) .

6. Under Required Credentials, add the following:

   • Service Principal: Enter the Service Principal value that you copied from the previous section.

   • Secret: Enter the Secret that you copied from the previous section.

   • API Base URL: Enter the API Token that you copied from the previous section.

7. Click Add Connector to save the connector configuration.