Data Loss Prevention Incident Response Integration with Proofpoint
The Proofpoint DLP integration supports the ingestion of Data Loss Prevention incidents created on the Proofpoint Data Loss Prevention deployment. After ingestion, you can use the incident management functionalities to remediate the DLP incidents.
Request apps on the Store
Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
Overview and key features
The Proofpoint DLP integration helps companies to track the usage and movement of sensitive data on various platforms.
This integration includes the following key features:
- Multiple profile creation for different Proofpoint endpoints.
- Automating the creation of DLP incidents.
- Mapping of the Proofpoint DLP incident state field to DLP incident state field.
- Filtering of Proofpoint DLP incidents.
- Ingestion of incidents in your ServiceNow instance as soon as the alerts are generated on Proofpoint DLP tenant.
- Proofpoint DLP integration supports both endpoints and email type of incidents.
- Automatic updates for the Proofpoint DLP incident status and comments for DLP incident creation, and for state change and closure on ServiceNow side.
- Downloading evidence file for email alerts directly from Proofpoint or from internal ServiceNow storage.
- Performing remediation actions such as Release Encrypted Email with Scan, Delete Email, Release Email without Scan and Release Email with Scan from ServiceNow side.
Learn about this integration
| Document identifier | Document title |
|---|---|
| Proofpoint product documentation website | Proofpoint product documentation |
| ServiceNow® product documentation website | ServiceNow Product Documentation website |