Security is an ever-growing ecosystem of partners bringing unique solutions to solve complex problems. For our joint customers, our recent integration with Palo Alto Networks Cortex XSOAR provided a platform to speed detection and automate response to insider threats.
Part of the industry’s most comprehensive security orchestration marketplace
Today, we are proud to announce the inclusion of our Code42 Insider Threat Remediation content pack in the newly released Cortex XSOAR Marketplace, the industry’s most comprehensive security orchestration marketplace. The Cortex XSOAR Marketplace gives you access to an array of orchestration and automation tools from vendors and service providers, allowing you to:
Leverage industry experts to solve your toughest security use-cases: Deploy turn-key content packs that span integrations, playbooks, dashboards, and reports with a single click.
Discover highly rated, validated content packs: Identify the best SOAR content packs recommended by your peers and validated by the world’s leading cybersecurity company.
Stay up to date with innovations in security automation: Continuously extend Cortex XSOAR with proven use-cases contributed by SecOps users and SOAR partners in the largest SOAR community in the industry.
Surfacing risk and accelerating response to insider threats should be core to any security operations team, even more so as the increasingly collaborative (and virtual) workforce culture continues to move the goalposts for data security. At a time when employee departure rates are high for many industries, increased signal to look for potential insider threats – such as an employee uploading a resume in a web browser – in tandem with turn-key automated processes, can provide security teams with the actionable context needed to speed investigations and take a right-sized approach to incident response.
Addressing insider threat: The Code42 Insider Threat Remediation pack in Cortex XSOAR
Code42’s turn-key Insider Threat Remediation content pack within Cortex XSOAR provides security teams with a configurable lookback of an employee’s historic file movements – including browser uploads and cloud sync activity. The pack can be initiated based on preset triggers, such as an email sent from a human capital management (HCM) system indicating an employee has been terminated or is leaving the organization to go to a competitor.
As part of the Cortex XSOAR Marketplace, joint customers can:
Accelerate and standardize incident escalation workflows for insider threats throughout the employee lifecycle
Automate processes within the employee offboarding process by easily seeing an employee’s historic file movements – and upon any suspicious findings, share with the employee’s manager for further review
Right-size response to insider threats at scale, which can include additional automated commands within Cortex XSOAR, alerting the employee’s manager for corrective conversation, or placing a user on legal hold
As we join this select group of Cortex XSOAR Marketplace launch partners who have developed valuable content packs for customers, we are committed to further expanding our packs across other workflows in the employee lifecycle. And in turn, we will continue to speed and automate response to insider threat situations.
Abhik is a senior product marketing manager at Code42 and brings 10+ years of experience in enterprise technology. He is the strategic conduit between the customer, product management, sales and marketing teams. He is passionate about creating compelling content and communications to demonstrate the strengths of tech solutions. Prior to Code42, he served as a global product manager for companies such as Xiotech, Kroll Ontrack and Imation.
Receive personalized insights right into your inbox!
Thank you for your inquiry! Someone will be with you soon.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.