Professional Services Engineer at a tech vendor with 1-10 employees
Real User
Top 10
Feb 24, 2026
In terms of improvements, I find there are some blind spots in Proofpoint Enterprise DLP; you can obviously add more channels for detection, and logging can be much improved, specifying exactly what action took place or what alert was generated. There is a bit of ambiguity in that area. Apart from that, I am quite happy with the solution. From a user experience standpoint, the UI in Proofpoint Enterprise DLP can be a bit better. Integration-wise, it would be great if the API or document API could work better with other integrations, as that is a place where we have found it a bit lacking.
Director Cybersecurity at a media company with 1,001-5,000 employees
Real User
Top 20
Feb 23, 2026
Overall, Proofpoint Enterprise DLP is a strong platform, but there are areas for improvement to enhance usability and effectiveness. One challenge is policy complexity and lifecycle management. As DLP programs mature, policies become layered and interdependent, leading to frustrations such as rule overlap that causes multiple triggers on a single message. Limited visibility into policy hierarchy impacts, difficulty modeling how new rules interact with existing ones, and change management requiring careful validation can all be challenging. An improvement opportunity would be advanced policy simulation tools for conflict detection between rules and clear rule precedence visualization, which would help understand the source of issues. The administrator user experience can feel dense from an admin perspective, especially when managing multiple layered policies, handling rule precedence, troubleshooting overlapping triggers, and onboarding new administration. As DLP programs mature, policy environments become complex quickly. Improvement opportunities would include visual policy mapping, impact previews, easier bulk policy editing, simpler policy cloning with conflict detection, and smarter recommendations during policy creation that would be very beneficial. Regarding data discovery and risk posture visibility, improvements are needed. While email layer protection is robust, organizations need better visibility across their repositories. There is an opportunity for built-in sensitive data discovery scanning and risk exposure mapping to identify which business units handle more sensitive data. A data movement visualization dashboard could also be beneficial, transitioning from reactive DLP blocking to proactive data exposure intelligence, which would significantly increase maturity.
From a DLP product improvement point of view, I think if Proofpoint Enterprise DLP can provide a deep-dive investigation or user activity listed on the alert sections with details about what activity was performed by the users at the time of the alert, what checks were performed, whether any rule was created, any SharePoint was accessed, any confidential SharePoint was accessed, or any established connection was performed, this information would be helpful. If that information was also tagged or shown on the ticket, it would be easier to understand more details or investigation approaches and investigation concepts. If that feature can be possible from the vendor side, it will help us for the investigation and as an improvement.
Software Developer at a financial services firm with 1,001-5,000 employees
Real User
Top 20
Dec 4, 2025
Proofpoint Enterprise Data Loss Prevention (DLP) should probably add something more into their case management process. There are certain things that Proofpoint lacks regarding case management. When incidents come in, it classifies a specific subcategory of what that incident is and creates a ticket for the SOC team. If they could provide more details on the type of incident filing in case management, that would be helpful. This is a hard ask because it requires some form of backend automation workflow. Many tools are starting to adopt their own automation workflows, which is pretty cool. Occasional mishaps arise related to users' devices affected by Proofpoint or when Proofpoint isn't logging specific device actions. The insider risk tool has been utilized effectively, which monitors employee actions every ten seconds, but there have been mishaps. Additionally, there are moments when specific servers require updates due to mismatched deployment updates, though this is not considered difficult because endpoint engineering counterparts assist, especially during Proofpoint calls.
Proofpoint Enterprise DLP safeguards data with advanced protection capabilities tailored for comprehensive data loss prevention. It is designed to effectively manage and secure sensitive information across various environments.Proofpoint Enterprise DLP delivers robust security to enterprises seeking to protect critical data. It supports diverse use cases, ensuring seamless adaptation to an organization's unique data protection needs. With valuable features focused on compliance and user...
I have no complaints about how Proofpoint Enterprise DLP can be improved.
In terms of improvements, I find there are some blind spots in Proofpoint Enterprise DLP; you can obviously add more channels for detection, and logging can be much improved, specifying exactly what action took place or what alert was generated. There is a bit of ambiguity in that area. Apart from that, I am quite happy with the solution. From a user experience standpoint, the UI in Proofpoint Enterprise DLP can be a bit better. Integration-wise, it would be great if the API or document API could work better with other integrations, as that is a place where we have found it a bit lacking.
Overall, Proofpoint Enterprise DLP is a strong platform, but there are areas for improvement to enhance usability and effectiveness. One challenge is policy complexity and lifecycle management. As DLP programs mature, policies become layered and interdependent, leading to frustrations such as rule overlap that causes multiple triggers on a single message. Limited visibility into policy hierarchy impacts, difficulty modeling how new rules interact with existing ones, and change management requiring careful validation can all be challenging. An improvement opportunity would be advanced policy simulation tools for conflict detection between rules and clear rule precedence visualization, which would help understand the source of issues. The administrator user experience can feel dense from an admin perspective, especially when managing multiple layered policies, handling rule precedence, troubleshooting overlapping triggers, and onboarding new administration. As DLP programs mature, policy environments become complex quickly. Improvement opportunities would include visual policy mapping, impact previews, easier bulk policy editing, simpler policy cloning with conflict detection, and smarter recommendations during policy creation that would be very beneficial. Regarding data discovery and risk posture visibility, improvements are needed. While email layer protection is robust, organizations need better visibility across their repositories. There is an opportunity for built-in sensitive data discovery scanning and risk exposure mapping to identify which business units handle more sensitive data. A data movement visualization dashboard could also be beneficial, transitioning from reactive DLP blocking to proactive data exposure intelligence, which would significantly increase maturity.
From a DLP product improvement point of view, I think if Proofpoint Enterprise DLP can provide a deep-dive investigation or user activity listed on the alert sections with details about what activity was performed by the users at the time of the alert, what checks were performed, whether any rule was created, any SharePoint was accessed, any confidential SharePoint was accessed, or any established connection was performed, this information would be helpful. If that information was also tagged or shown on the ticket, it would be easier to understand more details or investigation approaches and investigation concepts. If that feature can be possible from the vendor side, it will help us for the investigation and as an improvement.
Proofpoint Enterprise Data Loss Prevention (DLP) should probably add something more into their case management process. There are certain things that Proofpoint lacks regarding case management. When incidents come in, it classifies a specific subcategory of what that incident is and creates a ticket for the SOC team. If they could provide more details on the type of incident filing in case management, that would be helpful. This is a hard ask because it requires some form of backend automation workflow. Many tools are starting to adopt their own automation workflows, which is pretty cool. Occasional mishaps arise related to users' devices affected by Proofpoint or when Proofpoint isn't logging specific device actions. The insider risk tool has been utilized effectively, which monitors employee actions every ten seconds, but there have been mishaps. Additionally, there are moments when specific servers require updates due to mismatched deployment updates, though this is not considered difficult because endpoint engineering counterparts assist, especially during Proofpoint calls.