Skip to main content

Who is this article for?
Find your product plan in the Code42 console on the Account menu.

Incydr Professional, Enterprise, and Gov F2
Incydr Basic, Advanced, and Gov F1
Other product plans

Incydr Professional and Enterprise, yes.

Incydr Basic and Advanced, yes.

CrashPlan Cloud, no.

Other product plans, yes.

CrashPlan for Small Business, no.

This article applies to Code42 cloud environments.

HOME
GETTING STARTED
RELEASE NOTES
FAQs
APIs
SYSTEM STATUS
Code42 Support

Incydr file categories

Who is this article for?
Find your product plan in the Code42 console on the Account menu.

Incydr Professional, Enterprise, and Gov F2
Incydr Basic, Advanced, and Gov F1
Other product plans

Incydr Professional and Enterprise, yes.

Incydr Basic and Advanced, yes.

CrashPlan Cloud, no.

Other product plans, yes.

CrashPlan for Small Business, no.

This article applies to Code42 cloud environments.

Overview

Incydr groups files into categories based on analysis of the file contents and file extension. This categorization enables you to easily search, prioritize risk, and manage alerts based on specific types of files.

A complete list of categories and the types of files in those categories are listed below.

File category use case examples

  • In Forensic Search, you can easily search for file events based on file category. For example, performing a search for the Image file category returns file activity for .gif, .jpg, .png, and many other known image file types.
  • Risk indicators apply risk scores to file events based on the file category. For example, Source code files have a default score of +3, but you can change any score to match your risk tolerance for a specific category.
  • Alert criteria can be based on file categories. For example, create a rule to alert you when Source code files are exfiltrated.

File category details

The table below lists examples of file extensions to illustrate the types of files included in each category. However, each category contains many more file types than listed here, and file extensions are not the only criteria used to determine the file category.

File category

Example file extensions (each category contains more file types than listed below)

Audio aac, aif, flac, m4a, mp3, wav, wma
Document doc, docx, pages, rtf, txt
Executable apk, app, com, dll, exe, jar, msi, pkg 
Image ai, bmp, dwg, eps, gif, jpg, png, psd, raw, svg, tif
PDF pdf
Presentation key, odp, otp, ppt, pptm, pptx
Script action, bash, bat, cmd, job, sh, vbs
Source code c, c++, class, go, h, java, js, php, py, r, rb, rs, swift, vb
Spreadsheet ods, xll, xlsm, xlsx, xlt
Video avi, flv, mkv, mov, mp4, mpeg, mpg, wmv
Virtual Disk Image dsk, hdd, hds, vdi, vhd, vhd, vhdx, vmdk
Zip Archive file types, including: dmg, iso, rar, tar, tgz, zip
File categories can help uncover mismatched file extensions
Where possible, we determine the file category based on the file contents, not the file extension. Examining the contents can highlight instances where a user changes a file extension. For example, if a file event has the file category Spreadsheet but the Filename uses the .jpg extension, it may indicate an attempt to hide or exfiltrate data.

In addition, the file mismatch risk indicator automatically identifies high-risk file mismatches that may indicate a file with an unexpected extension was renamed, downloaded, or shared.
  • Was this article helpful?