
Overview
Incydr allows you to see and stop data leak and theft across endpoints, browsers and cloud. It prioritizes the highest risk employee activity using over 250 contextual Incydr Risk Indicators. Incydr offers a full range of response controls to educate, contain, or block users based on the offender and offense. With Incydr, organizations gain control over data leak and theft while driving secure work habits among employees to decrease risk to data in the future.
Get the visibility, context and controls needed to:
Detect data theft on day 1: Protect your source code, intellectual property, and other sensitive data. Detect file exfiltration via web browsers, USB, cloud apps, email, file link sharing, Airdrop, and more. See how files are moved and shared across your entire organization without the need for policies or proxies. Incydr automatically identifies when files move outside your trusted environment, allowing you to easily detect when files are sent to personal accounts and unmanaged devices.
Tailor your response to the offender and offense: Take action with appropriate response controls to communicate, correct, block, and contain detected risk. Leverage Code42 Instructor to correct employees when data is shared inappropriately in order to prevent risky activity from becoming the norm. Block unacceptable activity in real time for your highest risk users. Integrate with your tech stack to quickly contain insider threats while security investigates.
Ally the business with security: Seamlessly integrate with cross functional systems such as messaging, HCM and ITMS systems. Incydr does not impact end user productivity so employees complain less about security getting in the way of work, and security teams can focus their time on bigger data risks.
To learn more about Incydr, visit <www.code42.com/incydr/ >
For information on Incydr's pricing dimensions as listed below, visit https://www.code42.com/incydr-plans/
Contact us at https://www.code42.com/contact-sales-aws/
Customer story: Hear how Lyft uses Incydr to take the blinders off of high value data movement: https://www.code42.com/case-studies/lyft/
Over 65 Gartner Peer Reviews and a nearly 5 star rating: https://www.gartner.com/reviews/market/insider-risk-management-solutions/vendor/code42
Read the Gartner 2023 Market Guide for Data Loss Prevention Solutions: https://www.code42.com/resources/external-reports/market-guide-for-data-loss-prevention-2023
Our product is sold as a Private Offer through one of our Consulting Partners. To request a Private Offer, please Contact us at: https://www.code42.com/contact-sales-aws/ or email us at aws-marketplace@code42.com .
Highlights
- Cross platform endpoint agent: Windows, Mac, Linux to detect file exfiltration via web browsers, USB, cloud apps, email, file link sharing, Airdrop, and more. 0 to 4% CPU, up to 100MB memory.
- API-based Exfiltration Detectors to monitor corporate cloud storage, email and business applications, including OneDrive, Google Drive, Box, Office 365 Email, Gmail and Salesforce.
- Integrations with SIEM, SOAR, EDR, IAM, PAM and more, plus open API and developer resources.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide

Financing for AWS Marketplace purchases
Pricing
Free trial
Dimension | Description | Cost/12 months |
|---|---|---|
Horizon | Our most comprehensive plan, Premier plus support + Instructor | $1,000,000.00 |
Professional | Our most basic plan, includes 1 Cloud storage service and Base API | $1,000,000.00 |
Enterprise | Mid Level package, Includes premier support, full API access, and more | $1,000,000.00 |
Private Offer | Please contact us to request a Private Offer for accurate pricing. | $1,000,000.00 |
Vendor refund policy
Please See our website for more details on our refund policy <www.code42.com >
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Incydr Detailed product documentation on our self-service support site is available for help deploying, administering, and managing Incydr. Code42 Incydr Technical Support offers help in the way you need it: by web ticket, chat, or phone. Support Engineers are available 24/7 for urgent priority issues, and are based in US offices. https://support.code42.com/hc/en-us
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.


Standard contract
Customer reviews
Email protection has reduced phishing incidents and provides clear visibility into mail flow
What is our primary use case?
I have been using Mimecast Insider Risk Management and Data Protection for five years.
My main use case for Mimecast Insider Risk Management and Data Protection is to trace phishing emails, block users, and create policies when necessary. We use Mimecast Insider Risk Management and Data Protection to manage our mail flow.
In a specific example of how I traced a phishing email using Mimecast Insider Risk Management and Data Protection, we have a sender address, and through that address, we enter it to see how many users received those emails. We check records including SPF, DKIM, and DMARC, along with the sender's IP address. If we find the IP address indicates that the sender is suspicious, we block the sender address to prevent future emails.
All aspects of my main use case with Mimecast Insider Risk Management and Data Protection function properly.
What is most valuable?
Mimecast Insider Risk Management and Data Protection offers several best features, including being a very user-friendly tool where we can easily create policies, add or remove users, and block sender addresses or links, making it very useful for email protection.
Integration is also easy with Mimecast Insider Risk Management and Data Protection, as we can easily implement this in our Outlook client to scan emails and protect our environment from phishing threats.
Mimecast Insider Risk Management and Data Protection has positively impacted my organization because we are using it in its full version. We receive notifications and reports if we encounter any issues. When users report emails, we can check whether they are legitimate or blocked and advise them not to accept suspicious emails, making it very useful for data protection.
What needs improvement?
Mimecast Insider Risk Management and Data Protection can be improved by enhancing policies and rules.
One improvement I would suggest is to create a dashboard where we can view all data, such as how many emails we receive and how many get blocked, rather than having to go through subfolders. A dashboard would allow us to easily check everything on one screen.
For how long have I used the solution?
I have been working in my current field for nine years.
How are customer service and support?
Mimecast Insider Risk Management and Data Protection's customer support was good overall, but sometimes we did not receive timely responses, needing to wait two to three days for updates.
Which solution did I use previously and why did I switch?
We did not use a different solution before Mimecast Insider Risk Management and Data Protection. We started with the default Microsoft setup and then implemented Mimecast Insider Risk Management and Data Protection.
Which other solutions did I evaluate?
I did not evaluate other options before choosing Mimecast Insider Risk Management and Data Protection.
What other advice do I have?
I recommend considering Mimecast Insider Risk Management and Data Protection, as it is a very useful and user-friendly tool to protect our Exchange environment.
I can share specific outcomes where we have noticed a reduction in phishing incidents. Many times, we receive phishing emails in our environment. If emails reach user mailboxes, users can report any suspicious emails they encounter. When they report, we get the notification, and as admins, we scan those emails and check all relevant details.
I would rate this product an 8 out of 10.
Advanced protection has secured email, stopped phishing, and prevented data leakage
What is our primary use case?
I have been using Mimecast Insider Risk Management and Data Protection for around two years for data protection and risk management. It is used for email security protection against phishing attacks, malware, ransomware, and data leakage to protect the organization's email security.
What is most valuable?
Mimecast Insider Risk Management and Data Protection filters malicious emails, protects attachments and URLs, maintains email continuity during outages, and archives email for compliance. It protects from malicious URLs, credential theft, phishing websites, and newly created malicious URLs while preventing harmful attachments. The solution scans attachments before delivery and detects ransomware, trojans, and zero-day malware. Additionally, it protects from impersonation attempts; if someone impersonates a business email, it stops CEO fraud and business email compromise. It effectively prevents sensitive information from leaving the organization.
The best features Mimecast Insider Risk Management and Data Protection offers are URL protection, attachment management, impersonation attempts protection, and blocking senders. As I work in email security, URL protection and blocking senders are the most valuable features, and we use them day-to-day in our business.
Mimecast Insider Risk Management and Data Protection stops phishing by combining SPF, DKIM, and DMARC validation with anti-spam, impersonation protection, URL protection, attachment sandboxing, and machine learning-based threat protection to identify and block phishing attempts.
I track messages, release quarantined emails, manage policies, and investigate phishing incidents through Mimecast Insider Risk Management and Data Protection, which protects our organization positively.
What needs improvement?
Mimecast Insider Risk Management and Data Protection already provides data loss prevention through content examination and email encryption; however, the insider risk management and data protection could be enhanced by adding more intelligent, behavior-based detection and integration with enterprise security tools.
I wish for better integration with SIEM and XDR , specifically improved integration with platforms such as Splunk, Microsoft Defender, and Sentinel .
Mimecast Insider Risk Management and Data Protection is already providing strong email security and data loss prevention capabilities, but the insider risk management could be enhanced by adding advanced user behavior and analytics, including AI-based risk scoring and more context-aware data loss prevention policies. Deeper integration with SIEM and XDR platforms would improve visibility across the security system, and with better data classification and adaptive security policies, it would help reduce false positives and prevent sensitive data from leaving the organization.
For how long have I used the solution?
I have been working in the cybersecurity domain for almost four years.
What do I think about the stability of the solution?
Mimecast Insider Risk Management and Data Protection is stable for our organization.
What do I think about the scalability of the solution?
Mimecast Insider Risk Management and Data Protection is delivered as a cloud-native SaaS architecture, so customers do not need to buy or maintain email security servers. As the organization grows, Mimecast scales its cloud resources to handle increased demand, providing easy user expansion and high email processing capacity.
How are customer service and support?
Mimecast Insider Risk Management and Data Protection provides technical support to help customers deploy, manage, and troubleshoot its email security services. Mimecast Insider Risk Management and Data Protection provides enterprise technical support through its support portal, phone, email, and an extensive knowledge base, so their support team assists with mail flow issues, email delivery, and policy management threat protection as well. Since it is a SaaS platform, software updates and security enhancements are managed by Mimecast, and I highly recommend Mimecast Insider Risk Management and Data Protection for email security.
Which solution did I use previously and why did I switch?
I did not previously use a different solution before Mimecast Insider Risk Management and Data Protection.
What was our ROI?
The main benefit is time saved; I am not sure about money saved, but it is definitely time saved.
Which other solutions did I evaluate?
Our client has chosen Proofpoint over Mimecast Insider Risk Management and Data Protection because they are highly recommended to the Proofpoint solution rather than Mimecast Insider Risk Management and Data Protection.
What other advice do I have?
Mimecast Insider Risk Management and Data Protection is using artificial intelligence and machine learning to improve email security by analyzing and identifying threats; for example, a new phishing email pretending to be from Microsoft 365 may be blocked because AI identified suspicious language and sender characteristics.
It can help detect phishing, business email compromise, spam, malicious URLs, and suspicious attachments by analyzing email content.
In the future, AI could further enhance Mimecast Insider Risk Management and Data Protection through advanced user behavior analytics and AI-assisted incident investigations. I provide this review with a rating of 8 out of 10.
Behavior correlation has improved insider risk detection and simplifies daily threat monitoring
What is our primary use case?
Mimecast Insider Risk Management and Data Protection serves as a risk management solution that monitors user activity signals across M365 services including email, SharePoint , OneDrive, Teams, and endpoint activity.
On a daily basis, I use Mimecast Insider Risk Management and Data Protection to monitor new risk threats, high severity cases, user flags, and level scores by checking the risk management dashboard. Currently, there are no primary use cases within my organization beyond this monitoring function.
What is most valuable?
Mimecast Insider Risk Management and Data Protection offers behavior correlation as one of its best features, which provides risk-based user profiling and rule-based triggers.
This functionality helps my team because it compiles signals from emails, Teams, SharePoint , and OneDrive endpoints more quickly. The solution connects multiple actions over time and builds a comprehensive risk picture of each user.
Mimecast Insider Risk Management and Data Protection has positively impacted my organization by enabling investigation of risk behavior and user behavior, reducing potential data leakages, improving awareness of sensitive data handling across users, strengthening compliance with internal policies and regulatory requirements, and streamlining incident investigation through centralized case management. Overall, it has enhanced my organization's ability to proactively identify insider threats while minimizing manual effort for the security and compliance team.
What needs improvement?
Improvements could be made through AI-based risk explanations to provide better guidance on necessary enhancements to the platform.
What other advice do I have?
I cannot provide specific metrics regarding the reduction of manual effort. Regarding Mimecast Insider Risk Management and Data Protection's AI capabilities, its governance capabilities are not as deep or unified as purpose-built insider risk platforms such as Microsoft Purview .
I have observed false positives because the solution is rule-based. My review rating for this solution is 9.
Email protection has reduced phishing and spam by enabling precise domain and user controls
What is our primary use case?
My main use case for Mimecast Insider Risk Management and Data Protection includes blacklisting the domain, privacy suppression, creating new groups, creating new rules, checking the domain, checking the conflict of the mails, and managing spam mails.
In my current organization, we receive a lot of spam mails and phishing mails, so we blacklist the domain name by going into Mimecast Insider Risk Management and Data Protection , accessing the privacy suppression feature, and adding that domain. Once we add that domain, it is blacklisted, and we will not receive any mails from that particular domain in our tenant.
Whenever unwanted mail is sent to our tenant, we receive a ticket to action, which involves going into Mimecast Insider Risk Management and Data Protection to blacklist the domain or add it to privacy suppression.
What is most valuable?
The best feature of Mimecast Insider Risk Management and Data Protection is that once I add the domains to be blacklisted or create an exclusion list or add domains in the privacy suppression, I never receive mails from similar domains, which safeguards our tenant effectively. Additionally, we can whitelist specific users from blacklisted domains, which is a great and helpful feature.
The flexibility of Mimecast Insider Risk Management and Data Protection helps my organization by ensuring we do not receive mails from unwanted domains that often carry fraudulent offers or phishing attempts, like those with fake domain names. If we have blacklisted a domain but need to receive mail from a particular user, we add that user's email ID to the allowed user list.
Mimecast Insider Risk Management and Data Protection handles incident response effectively by integrating with our ticketing system, allowing for timely action when unwanted mails are received. It integrates well with other security tools like CrowdStrike, SentinelOne, and Microsoft Defender, providing in-depth insights while safeguarding against unwanted and suspicious mails.
What needs improvement?
Everything in Mimecast Insider Risk Management and Data Protection is good, and nothing requires improvement. However, I would suggest adding features like AI and automation, as this application is used by various teams, and automating processes like blacklisting unwanted email domains could greatly benefit users and customers.
Mimecast Insider Risk Management and Data Protection should provide the flexibility to customize the application features based on the company's needs.
For how long have I used the solution?
I have been using Mimecast Insider Risk Management and Data Protection for four years.
What do I think about the stability of the solution?
Mimecast Insider Risk Management and Data Protection is stable.
What do I think about the scalability of the solution?
I would rate the scalability of Mimecast Insider Risk Management and Data Protection around 9.5, as it is highly scalable and widely used by many organizations, including large enterprises.
How are customer service and support?
The customer support for Mimecast Insider Risk Management and Data Protection is really good. I would rate the customer support a perfect 10.
Which solution did I use previously and why did I switch?
I have never used a different solution; we have always been with Mimecast Insider Risk Management and Data Protection. Before choosing Mimecast Insider Risk Management and Data Protection, we evaluated options such as Defender and Sophos, but found Mimecast Insider Risk Management and Data Protection to be the best.
How was the initial setup?
Integrating Mimecast Insider Risk Management and Data Protection with our existing systems was really easy and not difficult at all.
What was our ROI?
While I cannot quantify savings in money, Mimecast Insider Risk Management and Data Protection has significantly saved time and enhanced our environment's security from attacks and threats.
What's my experience with pricing, setup cost, and licensing?
I find the pricing, setup cost, and licensing of Mimecast Insider Risk Management and Data Protection to be reasonable; it is not overly high or low, given the quality of service and customer support provided.
What other advice do I have?
Mimecast Insider Risk Management and Data Protection is useful and beneficial for securing the environment and matching compliance policies, making it worth buying the license.
I find Mimecast Insider Risk Management and Data Protection to be a great application that safeguards the complete tenant and manages mail flow smoothly. Over the past four years of using this application, I have never encountered any conflicts between the mailing services and Mimecast Insider Risk Management and Data Protection, making it an excellent choice for security and threat intelligence.
Mimecast Insider Risk Management and Data Protection has positively impacted my organization by protecting us from a lot of unwanted spam and phishing mails, as users are often unaware of what to click on in emails. It has helped safeguard our complete tenant from these types of threats.
Since using Mimecast Insider Risk Management and Data Protection, the unwanted mails for our tenant have decreased by 95% compared to before we migrated to this application.
Currently, I work in a production company, and it is very useful in day-to-day life, such as blacklisting domains and safeguarding our tenant and users from spam mails, phishing mails, and vulnerability management. It quarantines unwanted mails quickly and easily, providing safety and protection from threat attacks.
Mimecast Insider Risk Management and Data Protection integrates well with other security tools like CrowdStrike, SentinelOne, and Microsoft Defender, providing in-depth insights while safeguarding against unwanted and suspicious mails.
I would rate Mimecast Insider Risk Management and Data Protection a nine out of ten.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Email protection has eliminated incidents and now secures sensitive data and insider risks
What is our primary use case?
I use it for email threat protection or DLP in my day-to-day work by enabling the impersonation protection, attachment protection, URL protection, and also enabling the DKIM, DMARC, and SPF record. I also enable all the spam filters, create the proper policies, profile group policies, and other things.
How has it helped my organization?
Since implementing Mimecast Insider Risk Management and Data Protection, I have seen specific outcomes such as achieving zero incidents over the last five years.
What is most valuable?
Out of all those features, I find preventing sensitive data leaks as well as inside threat detection and DLP the most valuable and essential.
What needs improvement?
Regarding Mimecast Insider Risk Management and Data Protection's AI capabilities, I think its governance and security are effective because it has reduced false positives in data protection as well as inside risk alerts, improved real-time detection of data exfiltration attempts, expanded monitoring to email, M365 teams, SharePoint , increased automation for incident response and remediations, and improved integration with SIEM and SOAR .
I find Mimecast Insider Risk Management and Data Protection's AI accuracy and reliability of its output to be consistent and trustworthy for my organization.
For how long have I used the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
Which solution did I use previously and why did I switch?
I switched from Proofpoint to Mimecast Insider Risk Management and Data Protection because Proofpoint is not accurate, not user-friendly, and has more false positives compared to Mimecast Insider Risk Management and Data Protection.
How was the initial setup?
What about the implementation team?
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
Which other solutions did I evaluate?
What other advice do I have?
I observed that the AI-powered risk score has improved, with automation in place using AML, so that most threats are detected and there are fewer false positives. I gave this product a 10 out of 10 rating because of these capabilities.