Tuesday, 22nd September 2020

Insider threat partnership

Joint solution integrates detection, automated investigations and incident response capabilities to reduce risks caused by compromised, negligent or malicious insiders.

Exabeam and Code42 have formed a strategic partnership to help security and insider threat teams quickly detect, investigate and respond to data exfiltration, and reduce risks caused by compromised, negligent or malicious insiders. Customers using the joint solution will benefit from having a full picture of their environment, even in distributed workforce conditions, with automated incident response to obstruct insider threats before data loss occurs.


Insider threats are now among the most serious security risks and are becoming increasingly difficult to manage using conventional security technologies. The huge shift to remote working in 2020 has increased the use of personal devices, and at the same time, reduced the effectiveness of existing enterprise security solutions. When devices aren’t accessing assets directly through the corporate network or a VPN and instead going straight to the cloud, on-premise network data loss prevention (DLP) techniques and network firewalls have blind spots. Remote workers have also become the targets of social engineering attacks as cybercriminals attempt to exploit them to access corporate networks.


“The unprecedented growth in distributed work presents novel and complex insider threats -- even when compared to just months ago,” commented Grant McCormick, CIO, Exabeam. “As a result, organisations should attach greater urgency to monitoring risky activities that may impact the security of their vital data. Failure to do so creates a potentially catastrophic blind spot in the protection and integrity of enterprise infrastructure.”


The partnership enhances security across a variety of exfiltration vectors — across endpoint to cloud, through a technology integration, which uses the Exabeam Cloud Connector solution to ingest data that indicates risk from the Code42 IncydrTM product into Exabeam Data Lake and Exabeam Advanced Analytics. Organisations using the Exabeam and Code42 integration will gain the ability to establish or more easily build insider threat programs and processes. These organisations’ security operations center (SOC) and insider threat teams can:

  • Provide real-time analysis and reporting on security alerts and data exfiltration attempts across their environment

  • Accelerate investigations related to insider threats with detailed incident context across exfiltration vectors, file types, and user attributes and behaviour

  • Resolve insider risk incidents faster through a combined solution that delivers high-fidelity alerts and actionable insights, along with the ability to correlate alert information and triage incidents


Ananth Appathurai, strategic partnerships and ecosystem SVP at Code42, said, “Together, we can offer organisations the ability to protect their systems and data from the malicious and accidental consequences of insider threats. This is vital as the recent changes in workplace culture evolve into permanent distributed strategies that legacy data protection solutions aren’t designed to address.”



CipherTrust Data Security Platform enables businesses to discover, protect and control sensitive dat...
Cybersecurity remains a top priority for SMBs worldwide, as revealed in a survey conducted by Vanson...
F-Secure’s attack landscape update highlights attackers’ strategies to capitalize on the COVID-19 pa...
Latest research from Neustar reveals rise in intensity, sophistication and volume of DDoS attacks am...
Only 12% of chief information security officers (CISOs) excel in all four categories of the Gartner...
Research by Egress reveals organisations suffer outbound email data breaches approximately every 12...
Attivo Networks has published the results of a new research report conducted with Kevin Fiscus of De...
The recent Kaspersky report ‘State of Industrial Cybersecurity in the Era of Digitalisation’ has rev...