Skip to main content
Skip table of contents

Proofpoint Insider Threat Management

Proofpoint Insider Threat Management (formerly ObserveIT) is a SaaS-based Insider Threat Management solution that protects sensitive data from insider threats and data loss at the endpoint. Proofpoint ITM combines context across content, behavior, and threats to provide you with deep visibility into user activities and to mitigate business disruption and data loss.

Configuring the Connector for Proofpoint Insider Threat Management

To configure Lucidum to ingest data from Proofpoint Insider Threat Management:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following:

    • MSSQL Server (required) - The DNS / IP Address of the Microsoft SQL Server your Proofpoint Insider Threat Management instance is using.

      • To use a specific named instance, the value supplied should be in the following format: {server_host}\{instance_name}.

      • If no instance is supplied, the default instance will be used.

    • Port (optional, default: 1433) - The port used for the connection.

    • Database (required) - The name of the database inside the SQL Server.

    • User Name (required) - A user name with read-only permissions.

    • Password (required) - The user's password. The password must not include ";".

    • Verify SSL. For future use.

  6. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.