Code42 and SentinelOne partner to reduce the risks associated with insider threats
This integration grants users additional visibility over their most sensitive data and expands response capabilities in the event of an insider threat incident.
Unlike traditional data protection solutions that force security teams into binary monitoring or blocking trade-offs, the Incydr solution offers a wide range of response controls to address the spectrum of data risk events it detects.
By doing so, Incydr allows organizations to drive both effective and efficient reduction of employee-driven data risk. This new integration expands Incydr’s response capabilities by allowing security analysts to detect and prioritize risk to data and speed insider threat response via SentinelOne.
SentinelOne’s network isolation capability allows the security team member to stop an employee’s device from communicating with the internet in order to prevent exfiltration of data while an investigation takes place.
“Time is an invaluable commodity for security teams, which is why so much of a response strategy requires automation. Insider threat incidents require hands-on investigation from security analysts so it’s critical they have real-time actions they can utilize to contain threats,” said Aimee Simpson, Director of Product Marketing at Code42.
“Through this partnership with SentinelOne, we are now offering security teams rapid control over their company’s data and the ability to easily and quickly quarantine a device during an active insider threat investigation. Organizations not only need this level of visibility into data risks to secure their most critical data and assets but also the proper tools in place to efficiently address threats when they arise,” Simpson continued.
Leveraging either SOAR playbooks or Code42’s no-code automation service, Incydr Flows, this new SentinelOne and Code42 integration is simple to deploy and manage.
Specific customer benefits from this integration include:
- Detect insider threat: Effectively surface the insider threat events that require investigation.
- Contain data risk: Prevent the user from taking further risky action while you investigate.
- Save security time: Speed up response time and eliminate manual effort by automating the device isolation in response to critical severity events.
“We are committed to helping customers gain additional detection, investigation and response synergies with their security tooling,” said Akhil Kapoor, VP of Technology Partnerships, SentinelOne.
“We are pleased that SentinelOne’s integration with Code42 will significantly reduce the risks associated with insider threats for our customers,” Kapoor concluded.