Skip to content
Industry Insights

Code42 Joins Palo Alto Networks Cortex XSOAR Marketplace to Address Insider Threat

Security is an ever-growing ecosystem of partners bringing unique solutions to solve complex problems. For our joint customers, our recent integration with Palo Alto Networks Cortex XSOAR provided a platform to speed detection and automate response to insider threats. 

Part of the industry’s most comprehensive security orchestration marketplace 

Today, we are proud to announce the inclusion of our Code42 Insider Threat Remediation content pack in the newly released Cortex XSOAR Marketplace, the industry’s most comprehensive security orchestration marketplace. The Cortex XSOAR Marketplace gives you access to an array of orchestration and automation tools from vendors and service providers, allowing you to:

  • Leverage industry experts to solve your toughest security use-cases: Deploy turn-key content packs that span integrations, playbooks, dashboards, and reports with a single click.
  • Discover highly rated, validated content packs: Identify the best SOAR content packs recommended by your peers and validated by the world’s leading cybersecurity company.
  • Stay up to date with innovations in security automation: Continuously extend Cortex XSOAR with proven use-cases contributed by SecOps users and SOAR partners in the largest SOAR community in the industry.

The shift to remote work has impacted how security teams work together cross-functionally with other departments – such as HR and Legal – on business processes throughout the employee lifecycle, including the employee offboarding process and for incidents involving workers with access to sensitive or proprietary information.

Surfacing risk and accelerating response to insider threats should be core to any security operations team, even more so as the increasingly collaborative (and virtual) workforce culture continues to move the goalposts for data security. At a time when employee departure rates are high for many industries, increased signal to look for potential insider threats – such as an employee uploading a resume in a web browser – in tandem with turn-key automated processes, can provide security teams with the actionable context needed to speed investigations and take a right-sized approach to incident response.

Detect and respond to data risks

Addressing insider threat: The Code42 Insider Threat Remediation pack in Cortex XSOAR

Code42’s turn-key Insider Threat Remediation content pack within Cortex XSOAR provides security teams with a configurable lookback of an employee’s historic file movements – including browser uploads and cloud sync activity. The pack can be initiated based on preset triggers, such as an email sent from a human capital management (HCM) system indicating an employee has been terminated or is leaving the organization to go to a competitor.  

As part of the Cortex XSOAR Marketplace, joint customers can:

  • Accelerate and standardize incident escalation workflows for insider threats throughout the employee lifecycle
  • Automate processes within the employee offboarding process by easily seeing an employee’s historic file movements – and upon any suspicious findings, share with the employee’s manager for further review 
  • Right-size response to insider threats at scale, which can include additional automated commands within Cortex XSOAR, alerting the employee’s manager for corrective conversation, or placing a user on legal hold

As we join this select group of Cortex XSOAR Marketplace launch partners who have developed valuable content packs for customers, we are committed to further expanding our packs across other workflows in the employee lifecycle. And in turn, we will continue to speed and automate response to insider threat situations. 

Be sure to also watch our on-demand webinar, “Palo Alto Networks + Code42: Managing Data Risks During WFH Workforce Changes.”

You might also like: