Contents x
    Code42 Incyder
    • 10 Nov 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Code42 Incyder

    • Updated on 10 Nov 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Code42 Incyder (formerly Code42) is a next-gen DLP solution used to detect insider threats, satisfy regulatory compliance, and accelerate incident response investigations.

    Related Enforcement Actions:

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices
    • Users

    Parameters

    1. Code42 Domain (required) - The hostname or IP address of the Code42 server.
    2. Authentication Method (required) - Select whether to authenticate via user credentials or client credentials.
    3. User Name and Password (required) - If the authentication method is via user credentials, specify the credentials for a user account that has the Required Permissions to fetch assets.
    Note:

    These parameters are only displayed when the User Credentials option is selected from the Authentication Method dropdown.

    1. Client ID and Client Secret (required) - If the authentication method is via client credentials, specify the Client ID and Client Secret to be used to authenticate the request. For more information about obtaining a Client ID and Client Secret, see API Clients.
    Note:

    These parameters are only displayed when the Client Credentials option is selected from the Authentication Method dropdown.

    1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

    2. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    Code42_Incyder1


    Advanced Settings

    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

    1. Use agents as the default for devices - Select this option to use the agents endpoint as the default for fetching devices.
    2. Fetch devices backup usage - Select this option to fetch the device's backup usage.
      Note:

      This only exists in newer versions (/api/v1) and not in the old version (/api).

    3. Use osHostname field as hostname - Select whether to use the os_hostname field fetched from Code42 as the device's hostname.
      • If selected, all connections for this adapter will use the osHostname field fetched from Code42 as the device's hostname.
      • If cleared, all connections for this adapter will use the Name field fetched from Code42 as the device's hostname.
    4. Filter by Org ID - Toggle on this option to filter by Org IDs. Then enter a comma separated list of Org IDs in the Org ID allow list, to only fetch from these Org IDs.
    5. Ignore Deactivated/Blocked Users - Select whether to ignore users fetched from Code42 with the values “Deactivated” or “Blocked” in the status field.
    6. Ignore Deactivated/Blocked Devices - Select whether to ignore devices fetched from Code42 with the values “Deactivated” or “Blocked” in the status field.
    Note:

    For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

    APIs

    Axonius uses the Code42 API.

    Note:

    To use the Code42 Incyder adapter, you must have a product plan that includes access to the Code42 API. For more details, see Code42 Support - API access.

    Required Permissions

    The value supplied in User Name must have Read access to devices with a read-only role. This role provides permission to access the data necessary to a given API resource. For more details, see Code42 support - Manage user roles.


    Was this article helpful?
    What's Next