Threat detection and faster response
The Incydr app for Sumo Logic allows security teams to configure file exposure and exfiltration events into existing Sumo Logic dashboards to detect and respond to insider risk.
Incydr’s Insider Risk detection lenses surface insights for subsets of users more likely to put data at risk, such as users with access to proprietary information or departing employees. Visualizing this data in the Sumo Logic platform provides security teams with actionable insights and speedy response.
File telemetry information
Ingest file telemetry information from Incydr into existing Sumo Logic dashboards for triage.
Create custom dashboards within Sumo Logic using Incydr data — with the ability to tailor queries based on file, vector or user (i.e., only files that have been uploaded via a browser).
Prioritized risk detection
Accelerate response to data risk identified by Incydr by using data intelligence provided by the Sumo Logic platform.
Insider Risk workflows
Leverage Incydr to establish Insider Risk processes and maximize the potential of your existing security investments.
FEATURED USE CASE
Ingest Incydr data into Sumo Logic for actionable insights and triage of insider threats
Security teams have underdeveloped or non-existent processes in place to detect and respond to insider threats or data exfiltration.
Code42 Incydr’s integration with Sumo Logic allows security teams to monitor file movement and sharing across computers, cloud and email providing an accurate picture of insider threat vulnerabilities. Teams can configure Incydr’s file exposure and exfiltration events into existing Sumo Logic dashboards, or create custom dashboards within Sumo Logic to easily visualize:
- Cloud and endpoint data exposure events
- Removable media exposure by user
- Exposure by filename
- Top files exposed
- Top endpoint and cloud users by exposure type
- Exposure events by location
Streamlining alert information and incident triage within the Sumo Logic platform reduces complexity by correlating event information to deliver actionable insights that speed insider threat response.
Want to see Incydr from the inside?
In under four minutes, our product demo provides a walk through of the SaaS solution to show how Incydr can stop data exfiltration before damage is done.Watch Demo