Code42 + IBM Security

Get Started

Speed investigation and automate response to insider threats

Code42 integrates with IBM Resilient to automate tasks within insider threat response workflows, and speed investigations for insider threat scenarios such as departing employees exfiltrating data.

Together, Code42 and IBM Resilient allow security teams to integrate and accelerate their overall incident response process for insider threats. When file exposure or exfiltration events are detected, the Code42 app for IBM Resilient allows security teams to take action -- whether that be deactivating a user or device, adding a user to legal hold, or through other corrective action.

Benefits of the Code42 + IBM Security integration

Faster response


Automate tasks within insider threat incident response workflows for faster response.

Complete context


Quickly search for exposure events such as external file sharing via browsers, cloud services or email or by a file’s MD5 hash.

Increased productivity


Enhance security team productivity by integrating insider threat incident response procedures, including adding a user to legal hold, all from within IBM Resilient.

Integration features

Automate workflows

Automate tasks within insider threat workflows such as blocking or deactivating a user or device from within IBM Resilient.

Forensic search

Integrate Code42's ability to quickly search for exposure events and investigate risky file movements using an MD5 hash search.

File metadata

Obtain complete incident context about exfiltrated files, including user, file and exposure type, file size, and data source.

Legal hold

Leverage the Code42 app for IBM Resilient to add a user to legal hold, which can be performed remotely and without the user’s knowledge.

Insider threat ecosystem

Leverage Code42 to establish insider threat processes and maximize the potential of your existing security investments.

Integration features

Automate workflows

Automate tasks within insider threat workflows such as blocking or deactivating a user or device from within IBM Resilient.

Forensic search

Integrate Code42's ability to quickly search for exposure events and investigate risky file movements using an MD5 hash search.

File metadata

Obtain complete incident context about exfiltrated files, including user, file and exposure type, file size, and data source.

Legal hold

Leverage the Code42 app for IBM Resilient to add a user to legal hold, which can be performed remotely and without the user’s knowledge.

Insider threat ecosystem

Leverage Code42 to establish insider threat processes and maximize the potential of your existing security investments.

FEATURED USE CASE

Investigate high-risk file events for insider threats, such as a departing employee exfiltrating data

Challenge

Challenge: Insider threat investigations may require additional context around risky file movements across endpoints, cloud and email.

Solution

Solution: When responding to an insider threat incident, security teams can query Code42 from within IBM Resilient to obtain additional details about the risky file movement in seconds. This complete file context can be used to speed investigations and take action, including adding a user to legal hold, all from within IBM Resilient.

Benefit

Benefit: During a data exfiltration investigation in IBM Resilient, security teams can easily gain complete context with instant access to Code42’s ability to search for exposure events or investigate risky file activity, then take immediate next steps, including putting a user on legal hold.