Code42 has enhanced source code exfiltration detection within its Code42 Incydr product to specifically support Git push commands to personal or unsanctioned code repositories, whether GitHub, Bitbucket, Azure DevOps, and other Git-supported platforms.
Incydr detects and prioritizes data transfer to locations other than your sanctioned locations and then alerts security analysts with the context they need to take swift action through an appropriate response control. This capability is available for Windows, Mac, Linux and VDI environments.
“Tools like Git and GitHub are absolutely critical to the software development cycle. Unfortunately, they also present major challenges from a security perspective. Security teams need a way to see what unsanctioned Git activity is occurring, and quickly respond when source code is going to an untrusted location – all while continuing to remain unobtrusive for development teams,” said Rob Juncker, CTO at Code42.
For many organizations, especially leading technology, medical device and software companies, source code is their single most valuable intellectual property (IP), to which insiders – malicious or not – present the biggest risk. Many software developers and engineering teams utilize Git to create source code.
Much of their Git usage is sanctioned as part of their everyday work – including creating and updating code and pushing it to corporate or open source repositories. However, engineers who want to exfiltrate source code could also use Git to send proprietary source code to personal or unsanctioned code repository services.
The theft of IP is a vast, and likely underreported, problem for organizations working to retain their source code. In fact, telemetry data from Incydr shows that the volume of exfiltrated source code increased 28% during 2021.
Furthermore, the most recent update from the Commission on the Theft of American Intellectual Property estimates the annual cost of U.S. intellectual property theft at between $180 billion and $540 billion.