Code42 Releases New Risk Indicators that Cut through Alert Noise and Speed Insider Threat Investigations

Exposes and prioritizes the riskiest file activity among remote workers

Minneapolis — May 20, 2020 

Code42, the leader in insider risk detection, investigation and response, announced that it has enhanced its insider risk detection capabilities. New high-fidelity risk indicators filter out non-threatening activities to flag and prioritize high-risk file events that represent real threats and require security investigation. The risk indicators zero in on mismatched files types and extensions, unsanctioned file activity as well as suspicious off-hours and remote workforce activities.

"Cybersecurity teams are drowning in alerts that obscure legitimate risks to data, and they get burned out trying to chase them all down. Code42 is addressing this problem head on," said Joe Payne, Code42's president and CEO. "To protect data from insider threats, security teams need high-fidelity risk detection that cuts through the noise – this is what we call signal. Sharpening signal helps security teams quickly prioritize user activity that needs investigation. We believe Code42 is delivering the richest, most prescriptive data security signal on the market today."

The Code42 insider risk solution provides a company-wide and segmented view of suspicious file movement, sharing and exfiltration activities. It sorts that activity by file type, user and vector, such as email, Dropbox, iCloud, USB, browser uploads, Slack and others. This information allows security teams to identify unusual data trends, gaps in security awareness and Shadow IT.

To help security teams cut through alert noise and speed insider threat investigations, the new indicators further expose:

  • File mismatch risk – Identifies when a file's content type does not match its stated extension, which may indicate internal attempts to maliciously conceal data exfiltration.
  • Off-hours activity risk – Tracks employee behavioral patterns to surface file activity that takes place at unusual times.
  • Remote workforce file activity – Offers a company-wide view of all data exposure and a segmented view of file risks caused by remote employees, as determined by IP addresses.
  • Unsanctioned file activity – Enables security teams to remove excessive notifications of trusted domains and URLs from dashboard views and alerts so they can focus on riskier file activity, like uploads to personal Dropbox accounts or email attachments sent to untrusted recipients.

Code42's insider risk solution has received a number of industry awards in 2020, including a CyberDefense Magazine InfoSec Award for Best Insider Threat Detection and a Cybersecurity Excellence Gold Award for Best Insider Threat Solution. For a complete list of Code42's industry recognitions, visit the Honors page on the company's website.