Proofpoint this week at its Protect conference launched a series of efforts through which it plans to provide cybersecurity teams with more granular controls in real-time, over what applications and services are accessed by end users.

Tim Choi, vice president of product marketing for Proofpoint, says, for example, an Adaptive Information Protection platform makes use of machine learning algorithms to monitor which applications and services are being accessed in real-time. As the level of risk associated with any of those applications increases, Adaptive Information Protection in real-time will apply more stringent controls in real-time.

Proofpoint in 2025 will follow up those capabilities with extensions to its core platform that prevent end users from sharing sensitive data with generative artificial intelligence (AI) platforms along with a set of tools for assessing the overall security posture of organizations and a Collab Protection offering that limits access to specific software-as-a-service (SaaS) applications and other external services using the ZenWeb browser extension the company has developed.

Finally, ZenGuide, formerly Proofpoint Security Awareness Training, will be extended next year to provide employees with more personalized learning paths based on their actual behavior.

At the core of the Proofpoint portfolio are Proofpoint Nexus, a threat detection platform that makes AI and behavioral analytics to mitigate risks, and Proofpoint Zen, a set of technologies that limits access to sensitive data that might reside in email, collaboration apps or on the web.

Collectively, those capabilities enable cybersecurity teams to pursue a human-centric approach that dynamically adjusts to the usage of applications and services in real-time, says Choi. For example, when Proofpoint detects that a URL in an email is malicious the controls that cybersecurity teams can put in place are considerably more granular than other platforms, he adds. Proofpoint is able to provide that capability because its core platform analyzes more than 17 trillion URLs a year, said Choi.

At the same time, Proofpoint is also moving to reduce the number of vendors that lower the total cost of cybersecurity, by reducing the total number of vendors that cybersecurity teams would otherwise need to engage, noted Choi.

Arguably, the biggest cybersecurity challenge organizations face today is how employees access and store data across a distributed application environment that only continues to grow. Each additional SaaS application, sanctioned or not, expands the overall size of the attack surface that needs to be defended. Each of those applications becomes yet another target for credential phishing attacks that once compromised can usually be reused across multiple applications if for no other reason than end users all too often reuse the same passwords.

The only way to secure modern application environments is to be able to dynamically apply governance controls in real-time in a way that assesses the level of risk attached to each interaction, said Choi.

There is, of course, no such thing as perfect security but today the number of opportunities for mistakes to be made is almost limitless. The issue is that whenever there is a breach it’s often the cybersecurity team, rather than the end user that made the mistake, that ultimately gets held accountable for not preventing it in the first place.