TechNOLOGY INtegration
Incydr™ + SentinelOne
Contain data risk in response to insider threats
Type
Integration
Category
EDR/XDR
Data Directionality
Out of Incydr
Supported By
Code42
How the integration works
When Incydr detects unusual and high-severity activity, it surfaces it for investigation and potential escalation to business stakeholders. It also equips you with controls to correct and contain risk. You can prevent the user from taking further risky action while you investigate by isolating their device using SentinelOne. This allows you to prevent further exfiltration during insider threat investigations.
Key features
- Exfiltration detection: Incydr detects and prioritizes risk to data and triggers response via SentinelOne
- Network quarantine: SentinelOne ensures a user’s endpoint is no longer able to communicate with the internet
- No-code automation: Code42’s Incydr Flow service can be used to deploy and manage the integration
Benefits of the integration
Detect insider threat
Effectively surface the insider threat events that require investigation
Contain data risk
Prevent the user from taking further risky action while you investigate
Save security time
Speed response and eliminate manual effort by automating the device isolation in response to critical severity events
Additional resources
View More ResourcesData SECURITY ASSESSMENT