Proofpoint connector

The Proofpoint APIs allow you to read compromised users, fetch events for malicious messages or clicks, and make custom Proofpoint API calls.

Authorize your Proofpoint account
Proofpoint connector event cards
Proofpoint connector action cards

Authorize your Proofpoint account

When you add a ProofPoint card to a flow for the first time, you'll be prompted to set up a connection for that channel. Setting up a connection will allow you to connect the flow to your ProofPoint account, save the data, and reuse that connection the next time you build a flow with this card. See Authorization.

Proofpoint connector event cards

Event	Description
New Permitted Malicious Click	Start FLO when there are new events for clicks to malicious URLs permitted.

Proofpoint connector action cards

Actions	Description
Custom API Action	Make a custom, authenticated HTTP call to the Proofpoint API.
Read Compromised User	Get users which were most attacked during a specified period in their organizations.
Read Delivered Malicious Messages	Fetch events for messages delivered in the specified time period which contained a known threat.
Read Permitted Malicious Clicks	Fetch events for clicks to malicious URLs permitted in the specified time period.