Code42 Advances its Insider Threat Detection Capabilities

  • Pinpoints suspicious data activity among high-risk employees, including flight risks, contractors, poor performers
  • Detects high-risk data events taking place outside of an employee’s typical hours
  • Prioritizes user behavior that needs investigation

MINNEAPOLIS--()--Code42, the leader in insider threat detection, investigation and response, today announced it has advanced its cloud data security solution with the second in a series of new capabilities designed to help companies defend against the rising tide of insider threats. The newest enhancements equip security teams to closely monitor, detect and investigate data threats caused by high-risk employees. This includes workers, who have access to high-value data; temporary employees, such as contractors and interns; as well as employees, who may be a flight risk, have had recent performance concerns or are known to fall for phishing attacks.

The new capabilities complement the company’s earlier product enhancements, which enable security teams to quickly spot data theft when employees resign and depart. Together, the series is intended to deliver on Code42’s broader product strategy: to secure data throughout the employee lifecycle — from hire to exit or separation. This includes milestone events such as promotions, performance reviews and disciplinary actions. The new product capabilities will be on display in Code42’s booth (N-6079) at the 2020 RSA Conference, which takes place Feb. 24 – 27 at the Moscone Center in San Francisco.

“There’s no debate. Insider threat programs have failed to keep pace with today’s digital workplace,” said Joe Payne, Code42’s president and CEO. “Collaborative technologies — like Slack, Box, and Microsoft Teams and OneDrive — have made it easy for employees to legitimately share files via personal email and the cloud. At the same time, they also have made it easier to exfiltrate data such as product ideas, source code and customer lists. Our cloud-based product was built to allow organizations to identify, investigate and respond to exfiltration events that stem from insiders.”

According to the 2020 Code42 Data Exposure Report, workers move files in and out of organizations using email (38%), external devices (35%), cloud collaboration platforms (31%) and browser uploads (26%). To provide security teams complete visibility to where data lives and moves, Code42’s insider threat solution quickly detects when files are:

  • Uploaded to personal email or other unsanctioned websites via web browsers
  • Uploaded to personal cloud sync applications, including iCloud, Box, Dropbox, Google and Microsoft OneDrive
  • Transferred to USB and other removable media devices
  • Shared to untrusted domains outside of corporate GoogleDrive, OneDrive or Box accounts
  • Deleted en masse off employee computers

With a high-fidelity signal, Code42’s solution helps security teams cut through the noise created by false alerts so they can pinpoint suspicious data activity among high-risk users and speed the investigation process. The latest product enhancements enable security teams to:

  • Access a prioritized list of users whose file activity requires investigation
  • Quickly determine the potential exfiltration vectors used across computers, cloud and email
  • Assess activities within the context of a user’s 1-, 7-, 30- and 90-day history
  • Review indicators of increased risk, such as which activities have taken place outside of an employee’s normal active hours
  • Review the exact content of files at risk
  • Escalate to line of business, HR and legal stakeholders when necessary

Code42’s solution has received a number of industry award recognitions. In 2019, Code42’s solution received Globee and IT World Awards, a Stevie Award, two Cyber Defense Magazine 2019 InfoSec Awards, a 2019 Info Security PG’s Global Excellence Award and 2019 Cybersecurity Excellence Awards. For a complete list of Code42 achievements, visit the Honors page on the company’s website.

About Code42

Code42 is the leader in insider threat detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. With Code42, security professionals can protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider threat solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

More than 50,000 organizations worldwide, including the most recognized brands in business and education, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NEA and Split Rock Partners. For more information, visit, read Code42’s blog or follow the company on Twitter.

©2020 Code42 Software, Inc. All rights reserved. Code42 and the Code42 logo are registered trademarks or trademarks of Code42 Software, Inc. in the United States and/or other countries. All other marks are properties of their respective owners.


Gerri Dyrek
Vice President Corporate Marketing, Code42

Release Summary

Code42 advanced its cloud data security solution with new capabilities designed to help companies defend against the rising tide of insider threats.



Gerri Dyrek
Vice President Corporate Marketing, Code42