About the Documentation

Welcome to the product documentation for ObserveIT Enterprise.

As the leading Insider Threat Management solution, Proofpoint | ObserveIT protects against data loss, malicious acts, and brand damage involving insiders acting maliciously, negligently, or unknowingly.

ObserveIT correlates activity and data movement, empowering security teams to identify user risk, detect and respond to insider-led data breaches, and accelerate security incident response.

To learn about the new features, see What's New.

Product Documentation

The ObserveIT online documentation includes:

Product Overview and Getting Started: Provides an overview of the product, new features and describes how to get up and running quickly with ObserveIT.

Installation Guide: Describes the steps required to deploy ObserveIT on your endpoints.

User Guide: Provides information about using the ObserveIT Web Console to record and replay user sessions on monitored endpoints.

Insider Threat Intelligence Guide: Describes how ObserveIT's Insider Threat Intelligence provides a broad view of possible insider threats from risky users and their activities, and enables the investigation of risky users' profiles.

Configuration Guide: Describes all the configuration tasks that are typically performed by an ObserveIT Administrator.

Additional ObserveIT Documentation

The following documents (in PDF format) are also provided:

  • Release Notes: Contains important information and known problems about the current ObserveIT release that is not included in the product documentation. This document also provides information about new features and enhancements which are included in the current release. A .pdf version of the Release Notes for the current ObserveIT release can be found here.

  • ObserveIT Technical Solution Overview: Provides detailed information about deployment scenarios, component architecture, technical feature descriptions and the integration capabilities of ObserveIT Enterprise. This document can be found here.

  • ObserveIT Insider Threat Library: Describes the out-of-the-box detection scenarios provided by ObserveIT that can be used by Business users and Administrators to detect insider threat on Windows, Unix/Linux and Mac OS systems. This document can be found here.

    For information about fine tuning rules, see ITL Tuning Guide.

  • Alerts Implementation Guide: Describes how to create Alert and Prevention Rules for Windows, Unix/Linux and Mac OS platforms in order to address your business needs. It guides you through the steps of configuring simple and advanced rules, and provides tips and best practices. This document can be found here.

ObserveIT documentation is intended for use by ObserveIT IT administrators, security, and compliance officers.

For information about third party components subject to open source licenses, click here.

Self-guided Trial

To deploy the ObserveIT software for a self-guided trial, click here.

Obtaining the Documentation

You can view the entire product's documentation by selecting ObserveIT help from the Help menu in the upper right corner of the Web Console.

version 7.10.0