Anthropic-Cybersecurity-Skills/skills/implementing-proofpoint-email-security-gateway/references/standards.md

# Standards & References: Implementing Proofpoint Email Security Gateway

## Industry Standards
- **NIST SP 800-177 Rev.1**: Trustworthy Email - guidelines for email security deployment
- **RFC 7208**: Sender Policy Framework (SPF) for authorizing use of domains in email
- **RFC 6376**: DomainKeys Identified Mail (DKIM) Signatures
- **RFC 7489**: Domain-based Message Authentication, Reporting & Conformance (DMARC)
- **CIS Controls v8 Control 9**: Email and Web Browser Protections

## MITRE ATT&CK References
- **T1566.001**: Phishing: Spearphishing Attachment
- **T1566.002**: Phishing: Spearphishing Link
- **T1566.003**: Phishing: Spearphishing via Service
- **T1534**: Internal Spearphishing
- **T1598**: Phishing for Information
- **T1114.003**: Email Collection: Email Forwarding Rule

## Proofpoint-Specific References
- **Proofpoint Email Protection (PPS)**: On-premises protection platform
- **Proofpoint on Demand (PoD)**: Cloud-hosted email security service
- **Proofpoint TAP (Targeted Attack Protection)**: Advanced threat detection
- **Proofpoint TRAP (Threat Response Auto-Pull)**: Post-delivery remediation
- **Proofpoint Nexus Threat Graph**: Cross-customer threat intelligence

## Compliance Alignment
| Framework | Control | Description |
|---|---|---|
| SOC 2 | CC6.1 | Logical and physical access controls |
| HIPAA | 164.312(a)(1) | Access control for ePHI |
| PCI DSS 4.0 | 5.2 | Anti-malware solutions |
| NIST CSF 2.0 | PR.DS-1 | Data-at-rest and data-in-transit protection |
| ISO 27001 | A.8.23 | Web filtering |

## Email Security Gateway Market
- Proofpoint processes 2.8+ billion messages daily (2024)
- Gartner Magic Quadrant Leader for Email Security (2019-2024)
- Over 50% of Fortune 100 companies use Proofpoint