Skip to content

TechNOLOGY INtegration

Incydr™ Response Flows

Try Incydr
Graphic displaying the different integrations Incydr Flows connect to contain, educate and resolve detected data movement.

What are Incydr Response Flows?

Incydr Response Flows orchestrate controls to mitigate corporate data leak when Insider Risk events are detected. Containment and resolution controls are automated based on the severity of the event. They are delivered through integrations with systems like IAM, PAM, EDR and ITSM.

Contain:

Take action at the user, device, or network level so that no further data exposure will take place while security investigates.

Containment ControlsIncydr Response Flow
Conditional access controlsIncydr + Okta Flow
Stop local sync appsIncydr + CrowdStrike Flow
Revoke access to sensitive safesIncydr + CyberArk Flow
Disable USB portsIncydr + CrowdStrike Flow
Network contain the endpointIncydr + CrowdStrike Flow

Resolve:

Address and remediate the data exposure event that was originally detected by Incydr.

Resolution ControlsIncydr Response Flow
User inquiryIncydr + Slack Flow
Escalate to manager, HR or legalIncydr + JIRA or ServiceNow Flow

Featured Use Case

Contain source code leaks with Incydr Flows

User Action: An engineer disguises a source code file to look like a personal .jpeg file. They AirDrop this file to their mobile device.

What’s next: Incydr Context Flows

Incydr Context Flows enhance Incydr’s signal by ingesting user attributes, such as employment milestones, departure or elevated access credentials from corporate IAM, PAM and HCM systems. With user context from these systems, Incydr Flows automatically adds users to alert rules or risk detection lenses when they are considered a high risk user.

Learn More