loader image
Mindflow won the Jury Prize at the FIC 2022 Startup Award! Get a demo to transform your SecOps forever.

TYPE OF TOOLS

CATEGORIES

Code42 Incydr x Mindflow

Code42 Incydr

By mindflow

Code42 Incydr and Mindflow have partnered to enable users to automate their incident management and better protect their information systems.

Incydr Overview

Code42 Incydr is a SaaS providing internal threat detection and response. To that end, it leverages an endpoint agent and API integrations.

The agent runs on Windows, Mac, and Linux operating systems. It is used to detect file events, defined as file creation, modification, deletion, or movement, that are not assimilated to trusted activity.

The agent labels these events as exposure events when files are transferred to untrusted environments. Such environments can be removable media devices, uploaded to browsers, or accessed by monitored installed applications. Your trusted environment can be defined with the help of Incydr Flows, where your teams combine the platform with your IAM and PAM solutions to create Watchlists for the agent to monitor.

The agent should detect an exposure event, and it would securely send details about these exposure events, such as file metadata and the file itself, to the Code42 cloud to be indexed and analyzed.

Once analyzed, the information is notified to your teams via the web console. This data is retained for 30 to 90 days.

The agent sends the file, vector, and user information on detected events to the Code42 cloud to power Incydr’s detection, investigation, and response capabilities.

Besides detection, the platform provides ways to remediate these events via Incydr API integrations and Incydr SOAR playbooks.

code42 incydr

Benefits

  • Enterprise-wide: Agent deployed on every device
  • Data exposure detection: the agent monitors Watchlists to detect and analyze every suspicious file event in your environment
  • Web-browser console: where your teams can be notified and check reports generated by every alert
  • Access to exfiltrated files: files exposed are saved and added to reports for your teams to be able to assess the sensitivity of the data exposed
  • Integrations ready: a catalog of integrations and workflows to enable your teams to implement remediation processes faster

Related integrations