Skip to main content

Who is this article for?
Find your product plan in the Code42 console on the Account menu.

Incydr Professional and Enterprise
Incydr Basic and Advanced
Other product plans

Incydr Professional and Enterprise, yes.

Incydr Basic and Advanced, yes.

CrashPlan Cloud, no.

Other product plans, yes.

CrashPlan for Small Business, no.

This article applies to Code42 cloud environments.

Code42 Support

Risk Exposure dashboard reference


The Risk Exposure dashboard provides a look into the different types of file activity occurring across your Code42 environment, including high risk and departing employees as well as employees that have the most critical file activity. Use this dashboard to quickly identify when unusual activity is happening so that you can investigate further. 

This article provides an overview of the Risk Exposure dashboard and links to learn more about each of the major areas. 


  • Add trusted activity and data connections to focus your investigations on higher-risk file activity. Adding trust settings reduces noise by only showing untrusted file events in Incydr security event dashboards, user profiles, and alerts. All file activity is still visible in Forensic Search.

  • To use this functionality, Incydr users must be assigned specific roles. For more information, see Roles for Incydr. To learn which permissions on Incydr roles allow use of this functionality, see Permissions for Incydr. If you use other Code42 products, see Role assignment use cases.

  • Feature visibility:
    • This functionality is available only when supported by your product plan. Contact your Customer Success Manager (CSM) for assistance with licensing, or to upgrade to an Incydr product plan. If you do not know your CSM, please contact our Customer Champions.

    • You must connect at least one cloud service to Code42 to see cloud-related file activity. 

    • To edit risk settings, you must have the Customer Cloud Admin, Insider Risk Admin, or Insider Risk Analyst role. Users with the Insider Risk Read Only role can view risk settings, but not make changes.

Differences in file event counts
File events for Forensic Search and Alerts typically appear within 15 minutes of the file activity, while file events in the Risk Exposure dashboard and the User Profile may take up to an hour to appear. As a result, you may see that the file event counts in alert notifications and Forensic Search differ from the event counts in the Risk Exposure dashboard and the Departing Employees and High Risk Employees User Profiles.

The Risk Exposure dashboard

To view, sign in to the Code42 console. Click the logo in the upper-left to return to the Risk Exposure dashboard at any time. 

Risk Exposure dashboard

Click any of the links below for more information about that corresponding area:

  1. Risk settings: Where you can set the score of each risk indicator
  2. Selected time frame: The time frame the file activity occurred in
  3. Trust settings: Code42 excludes trusted file activity as defined by your Data Preferences and any cloud data connections monitored by Code42
  4. Top users by critical activity: List of users with the most critical file activity across your Code42 environment
  5. Risk detection list summaries: Employees on a risk detection list that have recently had critical file events
  6. Destination activity over time: All of the file events that occurred across your organization by destination
  7. File categories: All of the file events that occurred across your organization by file category group
  • Was this article helpful?