Skip to main content

Who is this article for?
Find your product plan in the Code42 console on the Account menu.

Incydr Professional and Enterprise
Incydr Basic and Advanced
Other product plans

Incydr Professional and Enterprise, yes.

Incydr Basic and Advanced, yes.

CrashPlan Cloud, no.

Other product plans, yes.

CrashPlan for Small Business, no.

This article applies to Code42 cloud environments.

HOME
GETTING STARTED
RELEASE NOTES
FAQs
APIs
SYSTEM STATUS
Code42 Support

Configure Incydr Flows

Who is this article for?
Find your product plan in the Code42 console on the Account menu.

Incydr Professional and Enterprise
Incydr Basic and Advanced
Other product plans

Incydr Professional and Enterprise, yes.

Incydr Basic and Advanced, yes.

CrashPlan Cloud, no.

Other product plans, yes.

CrashPlan for Small Business, no.

This article applies to Code42 cloud environments.

Overview

Incydr Flows provide an option for automating workflows, which Code42 manages and monitors. These integrations can help speed your processes for detecting, investigating, and responding to insider risks. This article explains how to configure Incydr Flows. 

Considerations

  • Incydr Flows requires assistance and setup from Code42 Professional Services. Contact your Customer Success Manager (CSM) to engage the Code42 Professional Services team and get started. 
  • Incydr Flows are not available in the Code42 federal environment.

Before you begin

Define use cases

Work with the Code42 Professional Services team to determine what systems and workflows to integrate to meet your goals in mitigating insider risk. For example: 

  • When an alert is triggered in Code42, a ticket is automatically opened in a system like ServiceNow.
  • Automatically add users to the Departing Employees list based on updates to information in your human resources system, such as Workday or ADP.
  • When an alert is triggered in Code42, a Slack message is automatically generated to members of your security team. Those team members can then review and respond to the alert by: 
    • Clicking links in the Slack message to the Code42 console to start investigating 
    • Generating a direct Slack message template to send to the actor involved in the alert
    • Closing the alert from within Slack 
  • When an alert is triggered in Code42 for a departing employee, a user is added to a specific Okta group with lower permissions. Then, a ticket is opened in Jira with alert details, for further investigation by your security team. 
  • Automatically take action when new file events appear in the results of a saved search, for example, send an email to a specified address or open a new Case. 
  • When a user's activity triggers an alert in Code42, the user's elevated credentials are disabled via CyberArk. 

Prepare a Code42 user account

To configure Incydr Flows, create a Code42 user service account. This must be a local (non-SSO) user to which you assign roles that provide the necessary permissions. We recommend you assign the roles in our use case for managing a security application integrated with Code42

Enable third-party cookies

In order for you to configure connections, third-party cookies must be enabled in your web browser settings. For instructions on enabling third-party cookies, consult the documentation for your web browser.  

Steps

Once Code42 Professional Services completes initial setup of your Incydr Flows, go to Data Connections to configure your Code42 connection and connections to additional systems

Configure your Code42 connection

Configure your Incydr Flows connection to establish the environment and credentials to use when sending data to Code42 from other systems, or to other systems from Code42. 

  1. Sign in to the Code42 console
  2. Go to Administration > Integrations > Data Connections.
  3. Select the Code42 automated integration. 
    The Code42 dialog displays. 
    Code42 details
  4. Enter the URL for your Code42 environment. 
  5. Enter the username and password for the service account you created previously
  6. Click Connect
    A connection success message appears. 

Configure additional connections 

Depending on your use case, additional connections appear on the Data Connections page, for example, Jira, Okta, or ServiceNow. Enter the configuration details to finish setting up this connection. 

  1. Sign in to the Code42 console
  2. Go to Administration > Integrations > Data Connections.
  3. Select the automated integration you want to configure. 
    The dialog displays. The following example shows Jira. 
    Jira details
  4. Complete the required fields. 
  5. Click Connect

Disconnect Incydr Flows 

You may want to disconnect an Incydr Flows integration to update the connection or authentication details, or to stop the flow of data to or from Code42. 

  1. Sign in to the Code42 console
  2. Go to Administration > Integrations > Data Connections
  3. Select the automated integration you want to configure. 
    The dialog displays.
    Disconnect_Jira
  4. Click Disconnect
    The Incydr Flows connection remains available on the Data Connections page. To disable and remove it completely, contact your Customer Success Manager (CSM) to engage the Code42 Professional Services team. 
  • Was this article helpful?