User behavioral analytics for source code repos
Description
Proprietary source code is a company's crown jewels. Regardless of the industry sector, there's great interest in making sure the source code stored in repos is not being exfiltrated or accessed in an unauthorized manner. This proposal will highlight a market differentiator in combining a capability to store and baseline typical user behaviors with repo access, and alerting on atypical actions (User Behavioral Analytics).
Proposal
Leverage user behavioral baselines for repo access and actions to determine a typical baseline and alert on atypical behaviors.
Utilize security audit logs relating to user access and actions taken in repo, combining this with timestamps to determine whether an action was taken in an atypical (compared to baseline behavior) manner.
Provide customers with a whitelist interface so that they can add in their own rules to alert on.
Build in machine learning heuristics on the back end to process baseline behaviors and programmatically determine new 'unknown unknowns'.
Links / references
https://en.wikipedia.org/wiki/User_behavior_analytics