Skip to content

Incydr Risk Indicators

Automatically Prioritize Risks That Need Immediate Attention

Automatically prioritize data risks that need immediate attention with Incydr Risk Indicators

Watch A Demo

Incydr Risk Indicators (IRIs) are activities or characteristics that suggest corporate data is at a higher risk of exposure or exfiltration. A library of more than 60 IRIs drive Incydr’s context-driven, pragmatic and adaptable risk prioritization model.

How it works

Risk scoring based on file, vector and user characteristics and behaviors

  • Apply multi-dimensional context
    Information related to the file, exfiltration vector and user is used contextually to determine the risk of an activity.
  • Detect anomalous user behavior
    Pinpoint deviations from baseline user behaviors such as off-hours file activity, the first use of a destination, and rare use of a destination.
  • Expertly scored on day 1
    A research-backed risk score is assigned to every IRI out of the box, and score thresholds determine an event’s severity.
  • Adjust to changing risk tolerance
    Risk settings can easily be tuned to increase or decrease the risk score of an IRI based on your unique risk tolerance.

Incydr Risk Indicators examples

Zip file exfiltration

Source code exfiltration

Salesforce report exfiltration

Earnings report exfiltration

Public link in Google Drive

Dropbox sync app

Attachment to ProtonMail

Airdrop transfer

Departing employee

Contract employee

First use of destination

File mismatch (concealed exfiltration)

White Paper

An Overview of Incydr’s Risk Prioritization Model

Features

Detect, investigate and respond to data exfiltration

Watchlists

Automate management workflows and get focused visibility into file activity for a subset of users who are more likely to put data at risk, such as departing employees.

Learn More

Forensic Search

Investigate event details and custom query a comprehensive, cloud-based index of activity metadata without putting strain on employee devices.

Learn More

Incydr Flows

Orchestrate controls to contain, resolve and educate on detected activity using no-code automation with IAM, PAM, EDR/XDR and other solutions.

Learn More

Want to see Incydr Risk Indicators in action?

A free product experience on your endpoints will demonstrate Incydr’s product functionality in just 4 weeks.

Start Trial