Get the app | overcome insider risk with code42 incydr
App Catalog

Code42 Incydr App for Sumo Logic

Data risk detection and response to insider threat

icon detect

Detect and mitigate insider risk

Detect data exfiltration across computers, cloud and email, and proactively protect data when it’s more likely to be put at risk, such as when employees are working off-network or using sanctioned or unsanctioned cloud apps to collaborate.

icon monitor and visualize

Continuously monitor data without alert fatigue

Configure Code42 Incydr’s file exposure and exfiltration events into existing Sumo Logic dashboards, or create custom dashboards to programmatically monitor exfiltration events such as cloud sync activity, web browser uploads, file sharing and removable media exposure by user.

icon detect insider threats

Correlate insider risk insights for faster response

Efficiently correlate and disseminate risky events and pertinent investigation details to make fast and informed decisions about how to respond.

dashboard Code42 Sumo PartnerApp Panel1

How Code42 Incydr Works

Code42 Incydr detects when data is put at risk by observing all the employee file activity that takes place on computers and within corporate cloud and email services. Direct integrations with corporate cloud services detect public or untrusted file sharing while integrations with email services detect when file attachments are sent to untrusted recipients.

An agent continuously monitors all file activity on Mac, Windows and Linux computers. It logs all file movement, creation, modification and deletion events that take place within a watched path or using a monitored application. This includes activities like uploading files to web browsers, web apps like Slack, syncing files to personal cloud apps, printing files, and transferring files to removable media devices.

Data risk detection and response for insider threat

Code42 Incydr’s integration with Sumo Logic allows security teams to monitor file movement and sharing across computers, cloud and email providing an accurate picture of insider threat vulnerabilities. Teams can configure Incydr’s file exposure and exfiltration events into existing Sumo Logic dashboards, or create custom dashboards within Sumo Logic to easily visualize:

  • Cloud and endpoint data exposure events
  • Removable media exposure by user
  • Exposure by filename
  • Top files exposed
  • Top endpoint and cloud users by exposure type
  • Exposure events by location
dashboard Code42 Sumo PartnerApp Panel2
dashboard Code42 Sumo PartnerApp Panel3

Correlate actionable insider risk insights for faster response

There’s no one-size-fits-all to insider threat response. Response actions should vary based on corporate and customer impact, employee history and intent. Armed with the facts, Incydr’s integration with Sumo Logic allows security teams to take a right-sized response – whether that be automated action, corrective conversation, additional training or even legal action.