Code42 adds new insider threat detectors for government security teams

Code42 announced the FedRAMP Authorized Code42 Incydr Gov solution has added new data exfiltration detectors for cloud and email systems.

Code42 Incydr Gov

In addition to detecting data exfiltration from endpoints, now security teams can detect, investigate and respond to insider risk activities, including monitoring unauthorized file movement, spillage and sharing from and within cloud and email systems.

The new data exfiltration detectors give security teams full visibility when files are shared, downloaded, or emailed to untrusted destinations on OneDrive, Google Drive, Box, Office 365 and Gmail, whether those insider risk events take place on a computer, in the cloud or over email.

With the growing adoption of cloud and use of collaboration tools across federal agencies, there are exponentially more ways for insiders to exfiltrate data. What’s more, many federal agencies’ insider risk programs are built around traditional tools like data loss prevention (DLP) products that weren’t designed to handle the modern reality of ultra-portable data and widespread cloud-based collaboration and file sharing. With research indicating that on average, every employee commits 13 data exposure events every day, federal organizations need clearer visibility to data spillage and prioritization of the riskiest file events happening both on and off their networks.

“Our research shows that nearly three-quarters (71%) of security teams lack complete visibility to sensitive data movement, according to IT security leaders,” said Jason Greenwood, Code42 Vice President, Federal. “Our new data exfiltration detectors help federal agencies execute against Zero Trust data security strategies, give crucial visibility into data that is being mishandled or shared from agency systems, and further protect some of the most sensitive information in the country against Insider Risk.”

Mitigating data exfiltration across federal cloud and email systems

With the cloud and email data exfiltration detectors now available for purchase with Incydr Gov, federal agency security teams can now see when email attachments from federal email systems are sent to untrusted recipients, files are shared to untrusted locations, and links are shared too broadly from federal cloud storage systems. Incydr Gov’s new capabilities further protect federal agencies against Insider Risk by allowing security teams to:

  • Employ zero trust data security strategies
  • Gain visibility into file exfiltration and spillage
  • Detect when files are shared with untrusted users without installation or management of proxies
  • Avoid alert fatigue stemming from false positive Insider Risk notifications
  • Eliminate manual investigation time
  • Quickly trigger response controls due to fast, accurate detection of unsanctioned activity


The new data exfiltration detectors for cloud and email systems are currently available to new and existing Incydr Gov customers as part of the Code42 Incydr Gov product in the FedRAMP Marketplace.

More about

Don't miss