Providing Proofpoint TAP credentials to Arctic Wolf

Configuration Guide


This document describes how to retrieve and submit the credentials that Arctic Wolf® needs to monitor Proofpoint TAP. After you complete this configuration, Arctic Wolf can monitor logs from your Proofpoint TAP environment.

As part of this configuration, you must provide the following information about your Proofpoint TAP environment to Arctic Wolf on the Arctic Wolf Portal:

For more information about Proofpoint TAP, see the Proofpoint TAP documentation.

Generating Proofpoint TAP service credentials

To generate a set of Proofpoint TAP service credentials:

  1. Sign in to the TAP dashboard.

  2. Navigate to Settings > Connected Applications.

  3. Click Create New Credential.

  4. Name the new credential set and click Generate.

  5. Copy the Service Principal and Secret values from the prompt to provide to Arctic Wolf.

Providing credentials to Arctic Wolf

To provide your cloud application details to Arctic Wolf on the Arctic Wolf Portal:

Note: If you are configuring a beta cloud integration, follow the URL provided by Arctic Wolf and start at step 4.

  1. Sign in to the Arctic Wolf Portal.

  2. Select Connected Accounts in the banner menu to open the Connected Accounts page.

  3. Select + Add Account to open the Add Account form.

  4. Select Cloud Threat Detection as the Account Type.

  5. Select Proofpoint TAP from the list of cloud services.

    1. Enter a descriptive name for the credentials.

    2. Paste the Service Principal and Secret values that you copied in Generating Proofpoint TAP service credentials into the form.

  6. Click Submit to CST.

  7. When prompted with the confirmation message, review your submission and then click Done. This returns you to the Connected Accounts page.

  8. Verify that the newly submitted credential entry appears in the cloud services list with the status Connection Pending.

After your Concierge Security® Team (CST) provisions security monitoring for your Proofpoint TAP environment, the status of these credentials changes to Connected.