Proofpoint | ObserveIT On-Premises Insider Threat Management
About the Documentation
Welcome to the product documentation for Insider Threat Management On-Premises (ITM On-Prem).
Currently documentation is being rebranded from ObserveIT to ITM On-Prem. Anything referred to as ITM On-Prem means ObserveIT and anything referred to as ObserveIT is ITM On-Prem.
Documentation is also available for Proofpoint's ITM / Endpoint DLP product on Proofpoint Information Protection Platform.
As the leading Insider Threat Management solution, Proofpoint ITM protects against data loss, malicious acts, and brand damage involving insiders acting maliciously, negligently, or unknowingly.
Proofpoint ITM correlates activity and data movement, empowering security teams to identify user risk, detect and respond to insider-led data breaches, and accelerate security incident response.
To learn about the new features, see What's New.
Proofpoint Insider Threat Management On-Premises Release Notes version 7.13.3: Contain important information and known problems about the current Proofpoint ITM On-Prem release. This document also provides information about new features and enhancements which are included in the current release.
The ITM On-Prem online documentation includes:
Product Overview and Getting Started: Provides an overview of the product, new features and describes how to get up and running quickly.
Installation Guide: Describes the steps required to deploy ITM On-Prem on your endpoints.
User Guide: Provides information about using the ITM On-Prem Web Console to record and replay user sessions on monitored endpoints.
Configuration Guide: Describes all the configuration tasks that are typically performed by an ITM On-Prem Administrator.
ITM On-Prem (ObserveIT) Insider Threat Library: Describes the out-of-the-box detection scenarios provided by ITM On-Prem that can be used by Business users and Administrators to detect insider threat on Windows, Unix/Linux and Mac OS systems.
Insider Threat Intelligence Guide: Describes how ITM On-Prem provides a broad view of possible insider threats from risky users and their activities, and enables the investigation of risky users' profiles.