Skip to content

How It Works

Incydr™ Is A SaaS Solution With An Extensible Cloud Architecture

Graphic imagery for how Incydr works

Better data protection for a fraction of the effort

Only Incydr lets you see and stop data theft without the heavy burden on your security team or disruption to end users. Organizations use Incydr instead of complex DLP, CASB and UEBA deployments.

Shadow IT Incydr use case icon

Monitors endpoint, cloud and browsers with a SaaS architecture

User centric with Incydr icon

Integrates with 30+ partners to leverage your tech stack

Incydr Forensic Search feature icon

Detects data theft on day 1 without policy setup

Faster time to value with Incydr icon

Doesn’t slow employee devices or block sanctioned activity

Customer Story

“We had a guy about to leave the company — a very senior person — and we saw he had just downloaded every single file that he owned onto a USB drive. Every single PowerPoint he’d worked on, every bit of client info — everything. It was eye-opening.” 
CIO at a Global Media Agency

See For Yourself

How Incydr works

  • Monitor all the places your data lives to identify when files move outside your trusted environment
    • Stop data loss from insiders such as departing employees and contractors
    • Automate response controls to correct user mistakes, block file activity, and contain insider threats 
    See All Incydr Features

    Cross-platform endpoint agent

    • Windows, Mac, Linux
    • Typically less than 1% CPU, ≤ 50MB memory

    30+ Integrations

    • IAM & PAM
    • SOAR/XDR
    • SIEM
    • HRIS

    Monitor corporate apps

    • Cloud: OneDrive, Google Drive, Box
    • Email: Office365, Gmail
    • Apps: Salesforce, Git

    Developer resources

    • Open API with published documentation
    • SDK & CLI

    Tech that stands out

    Monitor Git push and pull commands to detect when files from your corporate repository are sent to an untrusted or personal repository.

    Block unacceptable data movement for your highest risk users,without the burden, inaccuracy, and endpoint impact of content-based prevention.

    Download and view the actual contents of exfiltrated files to verify their sensitivity and value. Retain files as evidence.

    Native, non-disruptive agent with a history of day 1 support for new macOS versions.

    Incydr uses the source of files to “classify” them without requiring data tagging or content inspection.

    Get detailed event info on file uploads to web without proxies or TLS inspection.

    Detect exports to personal devices and gain visibility into all data fields within the report.

    Identify untrusted activity without policy management using Incydr’s Trust methodology. Even trusted activity is logged for reference.

    Easily query a company-wide index of all metadata without strain on endpoints. The device doesn’t need to be online for investigation.

    Did You Know?

    There's a 1 in 3 chance your company loses IP when an employee quits. See if it's happening at your organization with a data security assessment from Code42.

    Get Free Assessment

    3 ways Incydr mitigates risk to data

    Pinpoints Exposure

    Defined and Inferred Trust capabilities automatically distinguish between trusted activity and data exposure.

    Read White Paper
    Prioritizes Risk

    More than 250 Incydr Risk Indicators transparently score and prioritize risky file activity.

    Read White Paper
    Automates Response 

    A complete range of response controls to support the full spectrum of insider events – from mistake to threat.

    Read White Paper
    Product Overview

    How Incydr™ Works: A Technical Overview of the Incydr Product Architecture

    Read Now

    Integrations

    Powerful integrations to build your security ecosystem

    View All Incydr Integrations

    SOAR

    SOAR playbooks leverage Incydr’s context-driven alerts to automatically initiate right-sized response controls to contain, resolve and educate on data leak events via technologies like IAM, PAM and EDR/XDR.

    Learn More

    SIEM

    Incydr sends prioritized alerts with contextual Incydr Risk Indicator intel to your SIEM, allowing you to streamline your SOC triage process through a central workflow. A single click brings you to Incydr for investigation and follow up.

    Learn More

    HRIS

    Incydr Flows with HR Information Systems allow you to automatically add users to Watchlists based on user attributes and lifecycle milestones. For example, automatically add all departing employees to a Watchlist for enhanced monitoring before their departure.

    Learn More

    IAM

    Incydr Flows with IAM platforms allow you to automatically add users to Watchlists as well as contain data exposure by removing user access to applications when data risk is detected.

    Learn More

    PAM

    Incydr Flows with PAM platforms allow you to automatically add users to Watchlists as well as contain data exposure by removing user access to sensitive vaults when data risk is detected.

    Learn More

    Learn why the most innovative organizations use Code42 Incydr

    Let Incydr do the hard work for you – see and stop data leak and theft caused by employees.

    Connect With Sales