About the Documentation

Welcome to the product documentation for Proofpoint | ObserveIT On-Premises Insider Threat Management (ITM).

For documentation on Proofpoint's ITM SaaS product, Proofpoint Information Protection Platform, click here.

As the leading Insider Threat Management solution, Proofpoint | ObserveIT protects against data loss, malicious acts, and brand damage involving insiders acting maliciously, negligently, or unknowingly.

Proofpoint | ObserveIT correlates activity and data movement, empowering security teams to identify user risk, detect and respond to insider-led data breaches, and accelerate security incident response.

Product Documentation

The ObserveIT online documentation includes:

Product Overview and Getting Started: Provides an overview of the product, new features and describes how to get up and running quickly.

Installation Guide: Describes the steps required to deploy Proofpoint | ObserveIT ITM on your endpoints.

User Guide: Provides information about using the Proofpoint | ObserveIT Web Console to record and replay user sessions on monitored endpoints.

Insider Threat Intelligence Guide: Describes how Proofpoint | ObserveIT's Insider Threat Intelligence provides a broad view of possible insider threats from risky users and their activities, and enables the investigation of risky users' profiles.

Configuration Guide: Describes all the configuration tasks that are typically performed by an Proofpoint | ObserveIT Administrator.

Release Notes

Release Notes: Contain important information and known problems about the current Proofpoint | ObserveIT release that is not included in the product documentation. This document also provides information about new features and enhancements which are included in the current release.

More Proofpoint | ObserveIT ITM Documentation

The following documents are also available:

  • Proofpoint | ObserveIT Technical Solution Overview: Provides detailed information about deployment scenarios, component architecture, technical feature descriptions and the integration capabilities of ObserveIT Enterprise.

  • Proofpoint | ObserveIT Insider Threat Library: Describes the out-of-the-box detection scenarios provided by Proofpoint | ObserveIT that can be used by Business users and Administrators to detect insider threat on Windows, Unix/Linux and Mac OS systems. For a .pdf of this document, click here.

    For information about fine tuning rules, see ITL Tuning Guide Overview. For a .pdf of this document, click here.

  • Alerts Implementation Guide: Describes how to create Alert and Prevention Rules for Windows, Unix/Linux and mac OS platforms in order to address your business needs. It guides you through the steps of configuring simple and advanced rules, and provides tips and best practices. This document can be found here.

This documentation is intended for use by IT administrators, security, and compliance officers.

For information about third party components subject to open source licenses, click here.

Self-guided Trial

To deploy the Proofpoint | ObserveIT software for a self-guided trial, click here.

Obtaining the Documentation

You can view the entire product's documentation by selecting ObserveIT help from the Help menu in the upper right corner of the Web Console.