What are Incydr Response Flows?
Incydr Response Flows orchestrate controls to mitigate corporate data leak when Insider Risk events are detected. Containment and resolution controls are automated based on the severity of the event. They are delivered through integrations with systems like IAM, PAM, EDR and ITSM.
Take action at the user, device, or network level so that no further data exposure will take place while security investigates.
Address and remediate the data exposure event that was originally detected by Incydr.
|Resolution Controls||Incydr Response Flow|
|User inquiry||Incydr + Slack Flow|
|Escalate to manager, HR or legal||Incydr + JIRA or ServiceNow Flow|
What’s next: Incydr Context Flows
Incydr Context Flows enhance Incydr’s signal by ingesting user attributes, such as employment milestones, departure or elevated access credentials from corporate IAM, PAM and HCM systems. With user context from these systems, Incydr Flows automatically adds users to alert rules or risk detection lenses when they are considered a high risk user.