Sold by: Code42
Deployed on AWS
Free Trial
AWS Free Tier
A data protection solution to help organizations see and stop data loss from insiders
4.2
Overview
Incydr allows you to see and stop data leak and theft across endpoints, browsers and cloud. It prioritizes the highest risk employee activity using over 250 contextual Incydr Risk Indicators. Incydr offers a full range of response controls to educate, contain, or block users based on the offender and offense. With Incydr, organizations gain control over data leak and theft while driving secure work habits among employees to decrease risk to data in the future.
Get the visibility, context and controls needed to:
Detect data theft on day 1: Protect your source code, intellectual property, and other sensitive data. Detect file exfiltration via web browsers, USB, cloud apps, email, file link sharing, Airdrop, and more. See how files are moved and shared across your entire organization without the need for policies or proxies. Incydr automatically identifies when files move outside your trusted environment, allowing you to easily detect when files are sent to personal accounts and unmanaged devices.
Tailor your response to the offender and offense: Take action with appropriate response controls to communicate, correct, block, and contain detected risk. Leverage Code42 Instructor to correct employees when data is shared inappropriately in order to prevent risky activity from becoming the norm. Block unacceptable activity in real time for your highest risk users. Integrate with your tech stack to quickly contain insider threats while security investigates.
Ally the business with security: Seamlessly integrate with cross functional systems such as messaging, HCM and ITMS systems. Incydr does not impact end user productivity so employees complain less about security getting in the way of work, and security teams can focus their time on bigger data risks.
To learn more about Incydr, visit <www.code42.com/incydr/ >
For information on Incydr's pricing dimensions as listed below, visit https://www.code42.com/incydr-plans/
Contact us at https://www.code42.com/contact-sales-aws/
Customer story: Hear how Lyft uses Incydr to take the blinders off of high value data movement: https://www.code42.com/case-studies/lyft/
Over 65 Gartner Peer Reviews and a nearly 5 star rating: https://www.gartner.com/reviews/market/insider-risk-management-solutions/vendor/code42
Read the Gartner 2023 Market Guide for Data Loss Prevention Solutions: https://www.code42.com/resources/external-reports/market-guide-for-data-loss-prevention-2023
Our product is sold as a Private Offer through one of our Consulting Partners. To request a Private Offer, please Contact us at: https://www.code42.com/contact-sales-aws/ or email us at aws-marketplace@code42.com .
Highlights
- Cross platform endpoint agent: Windows, Mac, Linux to detect file exfiltration via web browsers, USB, cloud apps, email, file link sharing, Airdrop, and more. 0 to 4% CPU, up to 100MB memory.
- API-based Exfiltration Detectors to monitor corporate cloud storage, email and business applications, including OneDrive, Google Drive, Box, Office 365 Email, Gmail and Salesforce.
- Integrations with SIEM, SOAR, EDR, IAM, PAM and more, plus open API and developer resources.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Horizon | Our most comprehensive plan, Premier plus support + Instructor | $1,000,000.00 |
Professional | Our most basic plan, includes 1 Cloud storage service and Base API | $1,000,000.00 |
Enterprise | Mid Level package, Includes premier support, full API access, and more | $1,000,000.00 |
Private Offer | Please contact us to request a Private Offer for accurate pricing. | $1,000,000.00 |
Vendor refund policy
Please See our website for more details on our refund policy <www.code42.com >
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Incydr Detailed product documentation on our self-service support site is available for help deploying, administering, and managing Incydr. Code42 Incydr Technical Support offers help in the way you need it: by web ticket, chat, or phone. Support Engineers are available 24/7 for urgent priority issues, and are based in US offices. https://support.code42.com/hc/en-us
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Code42
By LayerX Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Cross-Platform Endpoint Detection
Windows, Mac, and Linux endpoint agents detect file exfiltration through web browsers, USB, cloud apps, email, file link sharing, and Airdrop with minimal resource consumption of 0 to 4% CPU and up to 100MB memory.
Cloud Application Monitoring
API-based exfiltration detectors monitor corporate cloud storage, email, and business applications including OneDrive, Google Drive, Box, Office 365 Email, Gmail, and Salesforce.
Risk Indicator Analysis
Over 250 contextual risk indicators prioritize and identify highest-risk employee activity patterns.
Threat Response Controls
Response controls enable real-time blocking, user containment, and employee education based on specific offender and offense characteristics.
Security Integration Capabilities
Open API and integrations with SIEM, SOAR, EDR, IAM, and PAM systems enable cross-functional system connectivity.
Agentless Deployment
Discovers every datastore of every type using an agentless approach for instant deployment with a single point of integration for zero performance impact.
Data Classification
Detects and classifies data types leveraging both classic pattern matching and novel ML algorithms for classification accuracy.
Risk Detection and Visibility
Provides continuous visibility into all cloud data and associated risks across all datastores.
Data Context and Remediation
Provides insights including context, administrating user, access logs, data ownership and remediation guidelines to resolve identified risks.
Multi-Datastore Support
Maps and discovers all cloud datastores of every type within the environment.
Shadow AI and SaaS Discovery
Identifies and catalogs all AI applications and shadow SaaS instances in use across the organization to enforce security guardrails.
Data Loss Prevention for AI and Web Applications
Prevents sensitive data leakage across AI tools, SaaS applications, and web channels through content inspection and enforcement policies.
Browser Extension-Based Security Enforcement
Delivers security controls through an enterprise browser extension that monitors and enforces policies on user interactions with AI, SaaS, and web applications without requiring infrastructure changes.
AI Misuse and Prompt Injection Protection
Detects and prevents prompt injection attacks, compliance violations, and unauthorized AI usage patterns to protect against AI-specific threats.
Agentless Architecture with Last-Mile Visibility
Provides comprehensive visibility and control over user and agentic interactions at the browser level without requiring agent deployment on endpoints.
Standard contract
No
Customer reviews
Real Estate
Insightful, Verified User Reviews on Leading Services
Reviewed on May 26, 2026
Review provided by G2
What do you like best about the product?
Comprehensive email security solution that leads in this class of service.
What do you dislike about the product?
The learning curve is steep for some users but is getting better.
What problems is the product solving and how is that benefiting you?
Keeps our users protected from bad actors attempting to compromise networks and accounts.
Bukhosi Ndlovu
Client onboarding has become faster and user behavior analysis guides targeted risk training
Reviewed on May 25, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Mimecast Insider Risk Management and Data Protection is during the first instance when taking on a client, when conducting risk analysis, identifying where the gaps are, and establishing baselines of what the clients are experiencing, whether it is exfiltration or understanding what the users are using. This allows me to identify behaviors from end users and create policies to mitigate those risks.
A specific example of how I have used Mimecast Insider Risk Management and Data Protection to spot a risk or stop data loss involves onboarding the client, letting it run for some time, and then analyzing the data by pulling up executive reports. Depending on the licensing, I start the configuration and close the gaps identified in the risk assessment. In some instances, if the issue is user behavior, I create trainings for the end users to raise awareness about the risks, the direction the business is taking, and how to mitigate those risks. In my field, a fully equipped user is more valuable than depending solely on the technology.
What is most valuable?
Mimecast Insider Risk Management and Data Protection's best features in my experience include user behavior analysis, the executive risk summary for stakeholders, the analysis tools available for engineers and technical people, and the responsiveness of support. Mimecast support is very effective, and I can easily reach out to them whenever I need assistance.
Mimecast Insider Risk Management and Data Protection has positively impacted my organization by making it much easier to onboard a client and start using the technology. The simulation phase where insights are being built is not too long, and moving through that into a protective environment is straightforward. The multi-tenant capability is very helpful for us as a managed service provider because we can isolate clients.
User behavior analysis specifically helps my team and stakeholders by analyzing what users do and what they are prone to do, taking into account the data that Mimecast has processed. This gives direction on how to help that user become risk aware and cybersecurity aware. Support responsiveness is very effective because I understand that security solutions can impact business operations. If an executive needs to send an email to secure a deal and a normal business activity is being blocked, the vendor's responsiveness allows me to efficiently communicate to executives that we are working on the issue and can always show progress.
What needs improvement?
Mimecast Insider Risk Management and Data Protection can be improved by incorporating artificial intelligence and machine learning into the environment for ease of operation and handling processes at machine speed.
What do I think about the stability of the solution?
Mimecast Insider Risk Management and Data Protection is stable in my experience. I have also tested the version on Microsoft, and while their licensing model is slightly different, it is very stable.
What do I think about the scalability of the solution?
Mimecast Insider Risk Management and Data Protection's scalability is one of the reasons we chose Mimecast because it is easy to scale up or down as the client base changes.
How are customer service and support?
Customer support for Mimecast Insider Risk Management and Data Protection is top-tier. I have never had any problems with the customer support, and they are very responsive.
What other advice do I have?
When onboarding a client, they want to see results sooner and want to see that they now have some level of security. Having a quick turnaround is always very beneficial because it shows presence to the client and to the end users. It also saves time because once all false positives have been cleared out, a solution can be relied upon. After tuning all those false positives, the solution becomes accurate, which is significant.
My advice to others looking into using Mimecast Insider Risk Management and Data Protection is to take a demo, see how it works, and get a look at the features. I am confident they will find it favorable. I would rate this product and experience with a five-star rating.
Livhuwani Ratshinanga
Email security has stopped malicious links and now protects users from risky spam every day
Reviewed on May 24, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Mimecast Insider Risk Management and Data Protection is email protection, blocking spam, and creating rules to avoid spam.
A specific example of how I use Mimecast for email protection and blocking spam is that users often receive emails containing links that could compromise our system or environment. In most cases, we check the link through Mimecast to determine if it contains malware or poses a risk. If the link is risky, we block it and the email that sent it, then notify all users not to click on that link. After blocking the link, even if another person attempts to click on it, they will not be able to access it.
Mimecast has additional benefits beyond manual blocking. Sometimes the system automatically detects and blocks malicious links or files without requiring manual intervention. When Mimecast identifies a malicious link or file, the user receives a notification that the email is blocked for our review to determine if it is safe. We have also created rules in our environment to specify what is allowed and what is not allowed.
What is most valuable?
The best feature that Mimecast Insider Risk Management and Data Protection offers is malware detection. I find it very useful because it detects and blocks threats before users can click on links or open documents.
The malware detection feature makes my day-to-day work easier and safer because as soon as an email arrives with a link or document that Mimecast identifies as malicious, it blocks it. This protects our environment by preventing the threat from spreading. Even though we conduct cybersecurity training, users sometimes click on links regardless, so Mimecast's ability to detect and block threats immediately stops them from spreading across the environment.
Mimecast Insider Risk Management and Data Protection has impacted my organization positively by protecting our environment from malicious links and spam. It detects and blocks links or removes attachments from emails, preventing them from spreading across our network.
What needs improvement?
To improve Mimecast Insider Risk Management and Data Protection, I believe the product should provide more options for creating custom rules in the portal. Since hackers are constantly developing new attack methods, Mimecast should continue evolving to keep pace with these threats and give us more options to create additional rules. There have been scenarios where we felt that if Mimecast could allow us to do certain actions, we could have blocked or avoided security issues, though I do not have a specific example at this moment.
I give Mimecast Insider Risk Management and Data Protection a rating of eight because there are several areas where I feel the product could improve. There are scenarios where we find ourselves wishing we could perform certain actions within the platform. Additionally, there have been instances where a document or link has bypassed Mimecast, causing us to question why it was not blocked before reaching users.
For how long have I used the solution?
I have been using Mimecast Insider Risk Management and Data Protection for five years. Since I joined Seacom, they have been using this solution.
What do I think about the stability of the solution?
Mimecast Insider Risk Management and Data Protection is stable.
What do I think about the scalability of the solution?
I would rate the scalability of Mimecast Insider Risk Management and Data Protection between seven and ten.
How are customer service and support?
I think the customer support is good, and they respond on time.
What other advice do I have?
My advice for others looking into using Mimecast Insider Risk Management and Data Protection is that it is a nice product to use. I would give this product a rating of eight.
Joseph Makinta
Gained visibility into shared data and ensured email continuity but still need better configuration support
Reviewed on May 23, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Mimecast Insider Risk Management and Data Protection is to examine our SharePoint , OneDrive, and Teams platforms within our Microsoft Collaboration environment.
A specific example of how I'm using Mimecast with those Microsoft platforms is that we are checking what is currently being shared on that collaboration, what data might be leaving our organization, and we are putting controls in place to be notified of what is entering and also leaving our organization.
Mimecast Insider Risk Management and Data Protection becomes part of our challenge management because we are addressing the challenge of not having a data loss prevention tool in place. Since we don't have a DLP solution, this can be utilized to cover that space.
What is most valuable?
The best features that Mimecast Insider Risk Management and Data Protection offers include data security, which is about securing our organizational data. Data security is the best feature that comes with Mimecast Insider Risk Management and Data Protection. In terms of governance, we are able to ensure that the integrity of our data is maintained, as well as the confidentiality.
Mimecast Insider Risk Management and Data Protection helps me ensure the integrity and confidentiality of my data by filtering our emails. It is also our email backup solution where if our on-premises emails are not working, we can access our emails via Mimecast Insider Risk Management and Data Protection. We are also archiving through Mimecast Insider Risk Management and Data Protection. It serves as our email continuity solution. When filtering, we are filtering against phishing, spam, and other threats to ensure that our environment does not get compromised by those attacks.
Mimecast Insider Risk Management and Data Protection is not just about filtering; it is also an email continuity platform. For me, that is the best feature currently for us because if we are unable to access our emails, we know we can go to Mimecast Insider Risk Management and Data Protection to access our emails. Even if we are hit by a disaster, we know that we are still covered with Mimecast Insider Risk Management and Data Protection for our emails.
Mimecast Insider Risk Management and Data Protection has positively impacted my organization by giving us more visibility in terms of what our users are doing or which data they are sharing. Our organization is a high-profile judiciary organization in South Africa, so that visibility of what data has been shared and where is very important. Mimecast Insider Risk Management and Data Protection has afforded us that opportunity.
That visibility has made a difference by improving compliance because when we report to the Auditor-General, we are able to pull reports and show that this is the data that is currently being shared or traversing through our organization. Since we don't have a DLP solution, Mimecast Insider Risk Management and Data Protection is now covering us on that front.
What needs improvement?
Mimecast Insider Risk Management and Data Protection can be improved because we struggled with configurations. I suggest that Mimecast provide training and certification on that component and ensure that alerts are more accurate, including the fine-tuning of the alerts.
In terms of integration with other tools, there should be a look at the firewalls for integration to the perimeter security.
For how long have I used the solution?
I have been using Mimecast Insider Risk Management and Data Protection for approximately three to four months.
What do I think about the stability of the solution?
Mimecast Insider Risk Management and Data Protection is stable.
What do I think about the scalability of the solution?
Mimecast Insider Risk Management and Data Protection has been able to keep up with our organization's growth, including adding more users, expanding across departments, and adapting to larger data volumes.
How are customer service and support?
The customer support is excellent.
Which solution did I use previously and why did I switch?
When I joined the organization, they were already on Mimecast Insider Risk Management and Data Protection. From other organizations, I have used other solutions, but at this organization, I have used Mimecast Insider Risk Management and Data Protection since I joined.
How was the initial setup?
My experience with pricing, setup cost, and licensing is good overall because we have the best account manager, so that experience was not problematic.
What was our ROI?
I cannot share a return on investment yet because we are still evaluating to determine the return on the investment.
Which other solutions did I evaluate?
Before choosing Mimecast Insider Risk Management and Data Protection, we evaluated other options such as Purview for the DLP solution, and cost made us move away from Microsoft.
What other advice do I have?
My advice to others looking into using Mimecast Insider Risk Management and Data Protection is to proceed with it because it is a solution worth implementing. I would rate this product a 6 out of 10.
Megha Pradhan
Fine-tuned policies have protected sensitive data and now prevent external document leaks
Reviewed on May 22, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Mimecast Insider Risk Management and Data Protection involves policy fine-tuning while analyzing patterns, incident response, and providing support and guidance to the user.
A specific example of how I use Mimecast Insider Risk Management and Data Protection for policy engineering or incident response involves working with PAN card and mobile numbers. Since we are in India, we are provided with phone number patterns, regex, and Aadhaar details as an Indian identifying number. Accordingly, we provide certain patterns so that Mimecast Insider Risk Management and Data Protection checks documents that should trigger our system to ensure nothing is violated. For the document part, as an e-commerce company, it checks that no business data is shared externally.
Regarding my main use case and how I handle sensitive information with Mimecast Insider Risk Management and Data Protection, we currently have some policies that we are not using, but we are working on different policies, such as those concerning various types of PII data. We are focused on fine-tuning to receive more critical alerts.
What is most valuable?
The best features Mimecast Insider Risk Management and Data Protection offers include providing a timestamp of each incident, which indicates when it triggers and its accuracy. However, some features we are not using yet, but we plan to proceed with them in the future.
Mimecast Insider Risk Management and Data Protection positively impacts my organization by helping us thoroughly check any kind of data that should not be mishandled, primarily for endpoint users who are sending organization documents outside. It helps us avoid any kind of data breach.
What needs improvement?
For the improvement of Mimecast Insider Risk Management and Data Protection, it would be helpful if the timestamps in the console and the timestamps in the emails where we get all outgoing mails were the same, as this would provide more clarity. Additionally, some documents do not fetch carbon copies in the emails, so we need help with that.
For how long have I used the solution?
I have been working in my current field for three years, with two years dedicated to the DLP part and one year in endpoint EDR.
What do I think about the stability of the solution?
Mimecast Insider Risk Management and Data Protection is stable.
What do I think about the scalability of the solution?
The scalability of Mimecast Insider Risk Management and Data Protection is good.
How are customer service and support?
Customer support for Mimecast Insider Risk Management and Data Protection is adequate, and they are helpful.
What other advice do I have?
Mimecast Insider Risk Management and Data Protection prevents data breaches by triggering alerts for each email sent outside, allowing us to see patterns of users sending documents externally. We analyze these incidents and patterns to work on any issues, and this also helps in the fine-tuning process.
I would rate Mimecast Insider Risk Management and Data Protection an eight out of ten because we need improvements in policies, and although I am not aware of other organizations' experiences, we are facing some lags, and there are points we must work on.
I advise others looking into using Mimecast Insider Risk Management and Data Protection to definitely use it for email security because it is very helpful. I have given this product an overall rating of eight out of ten.