Skip to main content

Code42

Use the Code42 integration to identify potential data exfiltration from insider threats while speeding investigation and response by providing fast access to file events and metadata across physical and cloud environments.

Code42 integrates with Palo Alto Networks Cortex XSOAR (previously Demisto) to provide accelerated incident response and automated remediation to potential file exfiltration from insiders happening across endpoints, email, cloud and SaaS applications. The Code42 exfiltration playbook in Cortex XSOAR investigates potential file exfiltration and provides fast access to file events and metadata across physical and cloud environments.

Code42 together with Cortex XSOAR enables security teams to scale, standardize and accelerate their overall incident response process for Insider Risk, so they can quickly detect and respond to data risk when employees or temporary workers leave your organization.

  • Identify potential data exfiltration and insider risk, while speeding investigation and response by providing fast access to file events and metadata across physical and cloud environments.
  • Accelerate and standardize incident escalation workflows for insider threats throughout the employee lifecycle.
  • Automate steps within the employee offboarding process by triggering a configurable lookback of an employee’s historic file movements for manager review.
  • Right-size response to insider risk at scale, whether that be through automated action, alerting the employee’s manager for corrective conversation, or placing a user on legal hold.
  • Remotely add employees to, or remove employees from, Code42 risk detection lenses for departing employees or high-risk users, or to legal hold from within Cortex XSOAR.
  • Leverage hundreds of Cortex XSOAR third-party product integrations to coordinate response across security functions based on insights from Code42.

PUBLISHER

Code42

INFO

CertificationRead more
Supported ByPartner
CreatedAugust 2, 2020
Last ReleaseAugust 13, 2021
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.