Skip to main content

Code42

Download With Dependencies

The Code42 INCYDR integration accelerates insider threat incident response and remediation procedures for potential data exfiltration across computers, email, cloud and SaaS apps.

Code42 integrates with Palo Alto Networks Cortex XSOAR to provide accelerated incident response and automated remediation to potential file exfiltration from insiders happening across endpoints, email, cloud and SaaS applications. The Code42 exfiltration playbook in Cortex XSOAR investigates potential file exfiltration and provides fast access to file events and metadata across physical and cloud environments.

Code42 together with Cortex XSOAR enables security teams to scale, standardize and accelerate their overall incident response process for Insider Risk, so they can quickly detect and respond to data risk when employees or temporary workers leave your organization.

  • Identify potential data exfiltration and insider risk, while speeding investigation and response by providing fast access to file events and metadata across physical and cloud environments.
  • Accelerate and standardize incident escalation workflows for insider threats throughout the employee lifecycle.
  • Automate steps within the employee offboarding process by triggering a configurable lookback of an employee’s historic file movements for manager review.
  • Right-size response to insider risk at scale, whether that be through automated action, alerting the employee’s manager for corrective conversation, or placing a user on legal hold.
  • Remotely add employees to, or remove employees from, Code42 watchlists or to legal hold from within Cortex XSOAR.
  • Leverage hundreds of Cortex XSOAR third-party product integrations to coordinate response across security functions based on insights from Code42.

Code42 integrates with Palo Alto Networks Cortex XSIAM to provide accelerated incident response and automated remediation to potential file exfiltration from insiders happening across endpoints, email, cloud and SaaS applications. The Code42 exfiltration playbook in Cortex XSIAM investigates potential file exfiltration and provides fast access to file events and metadata across physical and cloud environments.

Code42 together with Cortex XSIAM enables security teams to scale, standardize and accelerate their overall incident response process for Insider Risk, so they can quickly detect and respond to data risk when employees or temporary workers leave your organization.

  • Identify potential data exfiltration and insider risk, while speeding investigation and response by providing fast access to file events and metadata across physical and cloud environments.
  • Accelerate and standardize incident escalation workflows for insider threats throughout the employee lifecycle.
  • Automate steps within the employee offboarding process by triggering a configurable lookback of an employee’s historic file movements for manager review.
  • Right-size response to insider risk at scale, whether that be through automated action, alerting the employee’s manager for corrective conversation, or placing a user on legal hold.
  • Remotely add employees to, or remove employees from, Code42 watchlists or to legal hold from within Cortex XSIAM.
  • Leverage hundreds of Cortex XSIAM third-party product integrations to coordinate response across security functions based on insights from Code42.

PUBLISHER

Code42

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByPartner
CreatedAugust 2, 2020
Last ReleaseFebruary 14, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.