Lunchtime Bite: How to Prevent Your Digital Assets from Walking Out the Company Door
-
Upload
perforce -
Category
Technology
-
view
498 -
download
2
Transcript of Lunchtime Bite: How to Prevent Your Digital Assets from Walking Out the Company Door
Lunchtime Bite:
How to Prevent Your Digital Assets from Walking Out the Company Door
8th July 2015
2
What we will cover in today’s Bite
Challenges and cost of protecting intellectual property Helix Threat Detection overview Helix Threat Detection Demo Q&A
3
The challenges of silo’ed IP Friction between teams
and design errors
Poor component reuse results in higher production costs
More delays, less efficient product delivery
Increased risk of quality issues
DevOps
code
reqs
specs
design
4
Increased risk of IP theft
DevOps
code
reqs
specs
design
Chief Security Officer
[ Even more separated ]
5
IP theft is a growing issue
• Annual losses due to IP theft >$300B• “The greatest transfer of wealth
in history”• Subsidizes competitors and foreign
suppliers• Diminishes productivity growth,
innovation, product advancements
6
Contributors
Consumers
Perforce Helix Platform Flexible Workflows
Version control, code reviews, simple file sharing
Fast and Scalable10 to 10,000+ on each trunk
Every FileEfficiently handles large, often binary, data
EverywhereSupports geographically distributed teams
Secure Granular permissions & theft detection
CSO
7
Customer: $20B manufacturer
2 engineers stole data
1 YEAR
$1 million spentLarge security vendor failed to find anything
2 WEEKS
Easily identified the 2 engineers
Found 3 additional users stealing data in North America
Found 8 additional users stealing data outside North America
THREATDETECTION
X
8
Helix Threat Detection
Analytics Modeling• Baselines and creates clusters• Learns Patterns • Learns Anomalies (unusual hours,
data volumes, application types & more
Risk Scoring• Risk by User • Risk by Activity • Risk by File• Risk by Time • Risk by Volume• Risk by Method/Exit
Verification & Investigation• Highly Readable Event Alarms• Very Intuitive UI • Executive Reporting
All Users
Ris
k fro
m 0
- 10
0
BEHAVIOURAL ANALYTICS
2
0
5
23
Wintermute Wintermute 89Armitage 82
Hideo 26Maelcum 26
Molly 25Aerol 25
Strayllight 25Case 18
Chiba 8Proteus 7
9
Reduces noise and false positives
Each entity maintains a persistent risk score (user, machine, asset)
Risk scores change based on activities Real-time aggregation of multiple events
“connects the dots” of related activities
John Smith is accessing an unusual, important file 25… at a time of day he was almost never active 46… and took from a source code project that has been inactive for months 80… and is downloading more source code from more folders than his peers 96
Behavioural Risk Model
Behavioural Risk Score
Entity Risk Model
Entity Risk Score
10
Interactive risk reporting and drilldown
11
Data & analytic modelsWanderer (access folders/projects)
• Anomalous folder access• Inactive folder access
Sneaker (access times)• Anomalous working hours• Anomalous working days
Moocher (take more than post)• Anomalous total mooch• Sudden mooch• High mooch
Hoarder (anomalous take, volume, folders)• Unusual project take (2 models)• Inactive project take• Large sudden unusual take (4 models – self & group)• Large sudden unusual take - per project
(4 models – self & group)
General Models• Activity from rare user• Aggregate anomaly• Persistent anomaly
Data Types
Timestamp (Date/Time)
User
Resource (Folder Structure)
Action (Give/Take)
Item Number
Client
Size
12
Demo
13
Provide 30 Days Log Data Run Analytics Executive ReportTimestamp
User
IP Address
Action - Commit - Sync - Get
Resource folder - File- Path
No need to install & configure system for testing Simply provide logs to prove the product meets your use case
Anonymized Fields
EncryptedResults
Risk Analysis Report
14
What we have covered in today’s Bite
Challenges and cost of protecting intellectual property Helix Threat Detection overview Helix Threat Detection Demo Q&A
Questions?
John [email protected]@p4jap