Proofpoint, Inc. is based in Sunnyvale, California and provides SaaS and on-premises solutions for inbound email security, outbound data loss prevention, privacy protection, email encryption, electronic discovery (“eDiscovery”) and email archiving.
| Type | Private |
|---|---|
| Industry | Security software |
| Founded | 2002 |
| Headquarters | Sunnyvale, California, United States |
| Key people | Chairman: Eric Hahn CEO: Gary Steele CTO: Marcel DePaolis |
| Products | E-mail filtering Email Privacy Email Encryption Email archiving Anti-spam Ediscovery Data loss prevention software |
| Website | http://www.proofpoint.com |
Contents |
The company was founded in June 2002 by Eric Hahn, formerly the CTO of Netscape Communications. It launched July 21, 2003, after raising a $7 million series A funding round, releasing its first product, and lining up six customers as references, and was backed by venture investors Mohr Davidow Ventures, Benchmark Capital, and Stanford University.[1] An additional $9 million in Series B funding led by New York-based RRE Ventures was announced in October, 2003.[2]
The company’s first product was the Proofpoint Protection Server for medium and large businesses. It incorporated what was described as “MLX Technology”, proprietary machine learning algorithms applied to the problem of accurately identifying spam email using 10,000 different attributes to differentiate between spam and valid email. The company joined dozens of other anti-spam software providers[1] in a business opportunity fueled by an exponential increase in spam volume that was threatening worker productivity, making spam a top business priority.[3] According to the 2004 National Technology Readiness Survey by the Robert H. Smith School of Business and Rockbridge Associates Inc., the cost of spam in terms of lost productivity had reached $21.58 billion annually.[4] This cost had not changed substantially when they repeated the study in 2009.[5]
The first Proofpoint Protection Server product upgrade was announced in November 2003 and expanded the number of spam detection attributes to more than 50,000.[6]
In December 2003, Forrester Research announced the winners of the sixth annual Emerging Technology Showcase awards. Proofpoint was awarded for “Identifying And Dealing With Threats And Nuisances To The Enterprise”.[7]
In 2004, strict new regulations governing financial disclosures and the privacy of health care data prompted Proofpoint to begin developing new products that would automatically identify and intercept outbound email containing sensitive information.[8]
In March, 2004, Proofpoint introduced its first hardware appliance, the P-Series Message Protection Appliance (later renamed Proofpoint Messaging Security Gateway), using a hardened Linux kernel and Proofpoint's Protection Server 2.0 software.[9] It was tested by Infoworld and found to stop 94% of spam.[10]
Another product introduction in November, 2004 included Protection Server 3.0, with Email Firewall and MLX-based Dynamic Reputation Analysis, and the Content Security Suite, plug-in modules designed for scanning outbound messages and their attachments to assist in compliance with data protection regulations such as Sarbanes-Oxley, HIPAA, and Gramm-Leach-Bliley. In combination, this was known as the Proofpoint Messaging Security Gateway Appliance. It was reviewed by ChannelWeb ProofPoint Appliance Stands Guard At E-Mail Gate, ChannelWeb, Nov 26, 2004, which observed that it used a “combination of technologies: policy-based management, a spam-filtering engine and adaptive learning technology”. Implemented by Brown University, in the first 24 hours the Proofpoint system saved 447 Mb of email storage space by blocking 90,000 spam messages.[11] Infoworld reported that a number of companies were broadening their products to address other messaging issues besides spam, such as compliance violations, phishing scams, and viruses.[12]
The University of Illinois at Urbana-Champaign incorporated Proofpoint software into their CITES Spam Control system with positive results.[13] Government Computer News reported that their GCN Lab found the Proofpoint P800 Gateway offered “Maximum control for administrators; highly configurable; optional module prevents e-mailing of classified documents”.[14]
Proofpoint introduced a new product, the Network Content Sentry, as an add-on appliance to the Content Security Suite in August, 2005.[15] Designed to monitor online messaging other than email, the appliance monitors Web mail, message boards, blogs and FTP-based communications. Proofpoint also introduced policy-based email encryption features, using identity-based encryption technology licensed from Voltage Security.
At about the same time, the Zero-Hour Anti-Virus software module was released. It was specifically designed to detect and block new computer viruses before their “signature” is formally identified.[16]
As part of a continuing product expansion related to regulation monitoring, in November, 2005, the Healthcare Privacy Bundle was released as add-on to Messaging Security Gateway appliance.[17]
Proofpoint Messaging Security Gateway V4.0 was released in March, 2006, with additional capabilities such as directory harvest attack prevention features and enhancements to the Proofpoint MLX Dynamic Reputation software.[18]
In a step towards simpler operational requirements, the Proofpoint Messaging Security Gateway Virtual Edition was released in April, 2007. The product runs as a virtual appliance on a host running VMware's virtual server software.[19] Moving a dedicated hardware appliance to a virtual server eliminates problems associated with proprietary hardware and reduces upgrade costs,[20] though it does require knowledge of VMware's virtual server architecture.
Proofpoint Messaging Security Gateway V5.0 was released in June, 2007, and was based on a new, integrated architecture, combining all its capabilities into a single platform.[21] It could be run either as a dedicated appliance, virtual appliance, or software suite.
ICSA Labs, an independent division of Verizon Business, announced in April, 2007, that it had certified six anti-spam products under their new testing program, one of which was the Proofpoint Messaging Security Gateway. The goal of ICSA Labs' anti-spam product testing and certification is to evaluate product effectiveness in detecting and removing spam. The guidelines also address how well the products recognize e-mail messages from legitimate sources.[22]
Moving into the software-as-a-service business, Proofpoint introduced Proofpoint on Demand, a hosted version of its email security and data loss prevention offerings.[23] In May, 2008, the company’s hosted offerings were expanded with the introduction of Proofpoint on Demand—Standard Edition.[24] The product is targeted at small-to-medium size businesses that need email security but do not run their own servers or have on-site IT personnel.
In June 2008, Proofpoint acquired Fortiva, Inc., a provider of on-demand Email archiving software for legal discovery, regulatory compliance and email storage management.[25] Given current compliance legislation and legal discovery requirements, corporate IT departments need to carefully manage their e-mail archiving so that specific messages can be located quickly. Fortiva uses Exchange journaling to automatically archive all internal and external communications so that end users can search all archived messages, including attachments, directly from a search folder in Outlook.
In February 2009, Proofpoint introduced a cloud-based product called SHIELD for email connection management and anti-spam. SC Magazine called it an “email security solution that is designed for organisations that are seeking to leverage the benefits of a hybrid on-demand/on-premises deployment"[26]. Cloud computing can potentially reduce costs for the user.