Skip to content

Code42 Integrates with Palo Alto Networks Cortex XSOAR to Speed and Automate Insider Threat Incident Response

Minneapolis —

Code42, the leader in insider threat detection, investigation and response, is now integrated with Palo Alto Networks Cortex XSOAR (previously Demisto), the industry's first extended security, orchestration, automation and response platform with native threat intel management that empowers security leaders with instant capabilities against threats across their entire enterprise. The integration delivers accelerated insider threat incident response and automated remediation with data risk intelligence and context about potential file exfiltration — happening across endpoints, email, cloud, and SaaS applications — on or off the corporate network. The integration also allows security teams to manage insider threat incidents from within Cortex XSOAR. The two companies will give more details about the integration during a webcast on Wednesday, May 6 at 11:30 a.m. CDT.

To manage insider threat incidents, security teams can leverage the integration to:

  • Streamline alerts by ingesting Code42 data into Cortex XSOAR for complete incident context about exfiltrated files, such as user, file and exposure type, and data source.
  • Gain additional insights for users on- and off-network by adding them to Code42 via Cortex XSOAR.
  • Search and investigate risky file movements across endpoints, email, cloud, and SaaS apps – without leaving Cortex XSOAR.
  • Close incident tickets faster by automating response and remediation.

"Most security postures are heavily focused on external threats, even though about two-thirds of data breaches come from the inside. With so many employees working off the corporate network from home and using cloud collaboration apps, improving visibility into file movements and associated data risks today is a critical security imperative," says Ananth Appathurai, Code42's senior vice president of strategic partnerships and ecosystem. "We believe this new integration with Cortex XSOAR is the first on the market focused on insider threats from detection through incident response and remediation. It can dramatically lessen the load on security organizations that are resource-strapped, as they adjust to securing their data while their employees work-from-home."

"Bringing granular insider threat intelligence data into Cortex XSOAR will accelerate and simplify response to insider threat incidents for companies, regardless of whether insiders unintentionally or maliciously exfiltrate data," says Rishi Bhargava, vice president of product strategy, Cortex XSOAR at Palo Alto Networks.

Upcoming Webcast: "Managing data risk during WFH workforce changes"
On Wednesday, May 6, at 11:30 a.m. CDT, Code42 and Palo Alto Networks will co-present a live webcast entitled, "Managing data risk during WFH workforce changes." The webcast will explore how Code42 and Cortex XSOAR work together to help organizations scale, standardize, and accelerate their insider incident response processes. Led by Nathan Hunstad (security director at Code42) and Pramukh Arkalgud Ganeshamurthy (product marketing manager, Cortex XSOAR at Palo Alto Networks), the webcast is now open for registration.

To learn more about how Code42's award-winning data security solution helps secure data while workforces are working from home, visit the Code42 blog.

Cortex XSOAR is an extended security orchestration, automation and response platform that unifies case management, automation, real-time collaboration and threat intel management to transform every stage of the incident lifecycle. Teams can manage alerts across all sources, standardize processes with playbooks, take action on threat intel and automate response for any security use case – resulting in significantly faster responses that require less manual review.