Code42 Software, Inc., the Insider Risk Management (IRM) leader, today announced it has enhanced source code exfiltration detection within its Code42® Incydr™ product to specifically support Git push commands to personal or unsanctioned code repositories, whether GitHub, Bitbucket, Azure DevOps, and other Git-supported platforms. Incydr detects and prioritizes data transfer to locations other than your sanctioned locations and then alerts security analysts with the context they need to take swift action through an appropriate response control. This capability is available for Windows, Mac, Linux and VDI environments.
“Tools like Git and GitHub are absolutely critical to the software development cycle. Unfortunately, they also present major challenges from a security perspective. Security teams need a way to see what unsanctioned Git activity is occurring, and quickly respond when source code is going to an untrusted location – all while continuing to remain unobtrusive for development teams,” said Rob Juncker, CTO at Code42.
For many organizations, especially leading technology, medical device and software companies, source code is their single most valuable intellectual property (IP), to which insiders – malicious or not – present the biggest risk. Many software developers and engineering teams utilize Git to create source code. Much of their Git usage is sanctioned as part of their everyday work – including creating and updating code and pushing it to corporate or open source repositories. However, engineers who want to exfiltrate source code could also use Git to send proprietary source code to personal or unsanctioned code repository services.
The theft of IP is a vast, and likely underreported, problem for organizations working to retain their source code. In fact, telemetry data from Incydr shows that the volume of exfiltrated source code increased 28% during 2021. Furthermore, the most recent update from the Commission on the Theft of American Intellectual Property estimates the annual cost of U.S. intellectual property theft at between $180 billion and $540 billion.
Learn more about Code42’s Insider Risk Management Offering
Code42 Incydr: The Industry’s Leading Data Security Product for Exfiltration
Incydr is an Insider Risk Management solution that provides the visibility, context and controls needed to stop data leak and IP theft. Organizations utilize Incydr to detect and respond to data exposure and exfiltration from corporate computer, cloud and email systems. It deploys in hours so security teams can address material risk to the business in a matter of days and drive the secure work habits needed to decrease how often employees put data at risk in the future.
Code42 Instructor: Education Led Insider Risk Response
Instructor™ improves Insider Risk awareness by focusing on the creation of holistic, security-oriented cultures. The solution delivers actionable, hyper-targeted and bite-sized lessons to end-users when they’re needed most, helping to change security behavior for the long term. The Instructor solution helps organizations rapidly mature their Insider Risk Management programs by incorporating data-driven Insider Risk behavioral guidance for end-users.
Combining the Power of Incydr and Instructor
Instructor works in tandem with Incydr, allowing security, compliance and education teams to immediately send corrective lessons triggered by employee actions that create risk for the business. For example, when Incydr flags file movement to an untrusted location, like an unauthorized cloud application, an Instructor video specifically explaining the correct activity is sent to educate the employee in real-time through the Incydr solution.
Code42 Services: Measure, Manage, Mitigate
We believe IRM technology is simpler and faster to deploy than other technologies such as DLP and CASB, but it does require a strategy and mindset shift. Insider Risk Management isn’t only about data – it’s about a company’s employees and culture. Code42 IRM Services are designed to help organizations establish an efficient and effective IRM program rooted in transparency, training and technology. Code42’s services take a collaborative approach to helping organizations develop, operationalize, and mature an end-to-end IRM program.
- Visit our Incydr and Instructor solution pages to learn more about our offerings.
- Join the conversation with Code42 on our blog, LinkedIn, Twitter and YouTube.
- Read our book, Inside Jobs: Why Insider Risk is the Biggest Cyber Threat you can’t Ignore.
- Learn more about insider risk at the Insider Risk Summit™ event, taking place Sept 27-29, 2022. Register now for the free virtual community event.
Code42 is the leader in Insider Risk Management (IRM), offering end-to-end data loss detection and response solutions. The Code42 Incydr product is native to the cloud and rapidly detects data exposure, loss, leak and theft as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. Accelerating the effectiveness of Insider Risk programs are the Code42 Instructor microlearning solution, and Code42’s full suite of expert services.
With Code42, security professionals can protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. Designed to meet regulatory control requirements, Code42’s IRM solution is FEDRAMP authorized and can be configured for GDPR, HIPAA, PCI and other compliance frameworks. Innovative organizations, including the fastest-growing security companies, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NewView and Split Rock Partners. Code42 has played a defining role in developing a vision and requirements for the IRM category – now recognized by Gartner, IDC and Forrester – and is a founding member of the annual Insider Risk Summit and Insider Risk Community.
The Company has several offices across the United States as well as an international office in London. Code42’s clients include large multinational organizations, such as Crowdstrike, Exabeam, BAYADA Home Health Care, Juniper Networks, Lending Club, MacDonald-Miller, MACOM, North Highland, Ping Identity, Shape Technologies, Snowflake, University of Georgia, User Testing, UTEX and Xactly.