Sophos MDR integrations are now GA, up to date documentation can be found at the following link: Integrations
Detects threats that target email, social media, and mobiles.
You can integrate Proofpoint Enterprise with Sophos Central so that it sends audit data to Sophos for analysis.
This integration is API-based.
The key steps are as follows:
- Generate Targeted Attack Protection (TAP) service credentials for your Proofpoint account.
- Add an integration in Sophos Central.
Generate TAP service credentials
TAP service credentials are used in Sophos Central to link to Proofpoint.
To generate these credentials, do as follows:
- Sign in to the TAP dashboard. See Welcome to the TAP Dashboard.
- Go to Settings > Connected Applications image.
- Click Create New Credential.
- Copy the Principal ID and Secret.
Add an integration
- In Sophos Central, go to Threat Analysis Center and click Integrations.
-
Click Proofpoint.
If you've already set up integrations of this type, you see them here.
-
Click Add integration.
Note
If this is the first integration you've added, we'll ask for details of your internal domains and IPs. See My domains and IPs.
In Integration steps, do as follows:
- Enter a name and a description.
-
Enter the Principal ID and Secret name.
-
Click Save.
The integration is created for you and appears in your list. If the
If your integration shows Connected, then your data should appear in the Sophos Data Lake after validation.