Configure Proofpoint TAP for Arctic Wolf monitoring

You can configure Proofpoint TAP to send the necessary logs to Arctic Wolf for security monitoring.

Steps

1. Generate Proofpoint TAP service credentials.
2. Provide credentials to Arctic Wolf.

Step 1: Generate Proofpoint TAP service credentials

1. Sign in to the TAP dashboard.
2. Click Settings > Connected Applications.
3. Click Create New Credential.
4. Name the new credential set, and then click Generate.
5. Copy the Service Principal and Secret values from the prompt to provide to Arctic Wolf.

Step 2: Provide credentials to Arctic Wolf

1. Sign in to the Arctic Wolf Unified Portal.

2. In the menu bar, click Telemetry Management > Connected Accounts.

3. Click Add Account +.

4. On the Add Account page, from the Account Type list, select Cloud Detection and Response.

5. From the list of cloud services, select Proofpoint TAP.

6. On the Add Account page, configure these settings:

   • Account Name — Enter a unique and descriptive name for the account.
   • Service Principle — Paste the appropriate value from Generate Proofpoint TAP Service Credentials.
   • Secret — Paste the appropriate value from Generate Proofpoint TAP Service Credentials.
   • Credential Expiry — (Optional) Enter the expiration date if the credentials have an expiry date.

7. Click Test and Submit Credentials.

   After your Concierge Security® Team (CST) enables security monitoring for this account, the connected account status changes to Healthy.

See also

• Proofpoint TAP documentation