Proofpoint Identity Threat Defense

Proofpoint Identity Threat Defense (formerly Illusive Networks) is an Identity Threat Detection and Response (ITDR) solution. Proofpoint Shadow uses modern deception technology to detect attackers as they attempt to move laterally and escalate their privilege. Proofpoint Spotlight ontinuously discovers and remediates identity threats to stop lateral movement.

Configuring the Connector for Proofpoint Identity Threat Defense #

To configure Lucidum to ingest data from Proofpoint Identity Threat Defense:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following:

    • URL (required): The URL of the Proofpoint Identity Threat Defense API

    • API Key (required): Proofpoint Identity Threat Defense API key

    • Verify SSL. For future use.

  6. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.