Code42, the leader in insider threat detection, investigation and response, is now integrated with Palo Alto Networks Cortex XSOAR (previously Demisto), the industry’s first extended security, orchestration, automation and response platform with native threat intel management that empowers security leaders with instant capabilities against threats across their entire enterprise.
The integration delivers accelerated insider threat incident response and automated remediation with data risk intelligence and context about potential file exfiltration — happening across endpoints, email, cloud, and SaaS applications — on or off the corporate network. The integration also allows security teams to manage insider threat incidents from within Cortex XSOAR.
To manage insider threat incidents, security teams can leverage the integration to:
- Streamline alerts by ingesting Code42 data into Cortex XSOAR for complete incident context about exfiltrated files, such as user, file and exposure type, and data source.
- Gain additional insights for users on- and off-network by adding them to Code42 via Cortex XSOAR.
- Search and investigate risky file movements across endpoints, email, cloud, and SaaS apps – without leaving Cortex XSOAR.
- Close incident tickets faster by automating response and remediation.
“Most security postures are heavily focused on external threats, even though about two-thirds of data breaches come from the inside. With so many employees working off the corporate network from home and using cloud collaboration apps, improving visibility into file movements and associated data risks today is a critical security imperative,” says Ananth Appathurai, Code42’s senior vice president of strategic partnerships and ecosystem.
“We believe this new integration with Cortex XSOAR is the first on the market focused on insider threats from detection through incident response and remediation. It can dramatically lessen the load on security organizations that are resource-strapped, as they adjust to securing their data while their employees work-from-home.”
“Bringing granular insider threat intelligence data into Cortex XSOAR will accelerate and simplify response to insider threat incidents for companies, regardless of whether insiders unintentionally or maliciously exfiltrate data,” says Rishi Bhargava, vice president of product strategy, Cortex XSOAR at Palo Alto Networks.