With the launch of our Helix source code management and content collaboration platform, we’ve added a lot of new capabilities to our version management system. Get an overview our new DVCS capabilities, Git Management, Threat Detection and more.
2. What we’ll talk about today
• New challenges for product
development
• Our vision for cross-team
collaboration
• Introducing Perforce Helix
• Q&A
2
Charlie McLouth
Senior Director
Solutions Engineering
Chris Hoover
Global Vice President
Products & Marketing
4. New cross-team challenges
4
DevOps
• Poor visibility between teams
introduces friction and design
errors
• Poor component reuse results
in higher production costs
• More delays, less efficient
product delivery
• Increased risk of poor quality
code
media
docs
designs
5. Increased risk of IP theft
5
DevOps Chief Security
Officer
code
media
docs
designs
6. The impact of IP theft
• Annual losses due to IP theft > $300B
• “The greatest transfer of wealth in history”
• Subsidizes competitors and foreign
suppliers
• Diminishes productivity growth,
innovation, product advancements
6
7. Our Goal: Connect, protect & support
7
• Contributors work within
their familiar tools and
workflows
• Platform supports all assets,
regardless of
type or size
• Scalable, highly available
• Secured IP & theft detection
• Cross-team collaboration,
lower cost
11. What you’ve asked for in a DVCS…
• Greater productivity
• “Doesn’t matter what it is as long as it’s Git.”
• Web experience for managing Git
That’s why Perforce now offers a choice of…
• Native Helix DVCS
• Git Fusion
• A complete Git ecosystem
11
13. Modern product development
• Native support in the core
• New push/fetch protocol (built for speed
and large data sets)
• Move content and metadata between
servers and peers
• Relocate content as part of push/fetch
• Enterprise-grade security/access control
• Meticulous preservation of history and
audit trails
13
Shared
Repository
Developer
Repository
Developer
Repository
Developer
Repository
Push
Fetch
16. GitSwarm: Complete Git ecosystem
16
• Self service repos
• Pull requests
• Permissions
• Issue tracking, etc.
17. Integrated within Helix
17
• Distributed environment for
developers
• Git experience and workflow
equivalent to well known tools
Configurable sync
• Single source of truth
• Perforce reliability and stability
protecting your assets
Helix Versioning EngineGitSwarm
19. Customer: $20B manufacturer
19
2 engineers
stole data
1 YEAR
$1 million spent
Large security vendor
failed to find anything
2 WEEKS
Easily identified
the 2 engineers
Found 3 additional
users stealing data
in North America
Found 8 additional
users stealing data
outside North
America
THREAT
DETECTION
X
20. Reduces noise and false positives
• Each entity maintains a persistent risk score
(user, machine, asset)
• Risk scores change based on activities
• Real-time aggregation of multiple events
“connects the dots” of related activities
20
John Smith is accessing an unusual, important file 25
… at a time of day he was almost never active at before 46
… and took from a source code project that has been inactive for months 80
… and is downloading more source code from more folders than his peers 96
Behavioral
Risk Model
Behavioral
Risk Score
Entity Risk
Model
Entity Risk
Score
21. Helix Threat Detection
21
Analytics Modeling
• Baselines and creates clusters
• Learns Patterns
• Learns Anomalies (unusual hours,
data volumes, application types &
more
Risk Scoring
• Risk by User
• Risk by Activity
• Risk by File
• Risk by Time
• Risk by Volume
• Risk by Method/Exit
Verification & Investigation
• Highly Readable Event Alarms
• Very Intuitive UI
• Executive Reporting
All Users
Riskfrom0-100
BEHAVIORAL ANALYTICS
2
0
5
23
Wintermute Wintermute 89
Armitage 82
Hideo 26
Maelcum 26
Molly 25
Aerol 25
Strayllight 25
Case 18
Chiba 8
Proteus 7
25. Helix Enterprise OnDemand
• Full capabilities of Helix Enterprise
• Single-tenant environment
• Tailored to your needs
• Delivered, managed and
supported by Perforce
25
26. Introducing Helix Cloud
• Multi-tenant SaaS offering
with free and premium tiers
• Git and P4D private repo hosting
with full remote access
• Very large files welcome
• Simple, social sharing for
non-technical users
• Easily import content from
third-party repositories
26
27. In summary
• Native enterprise-grade DVCS
• New solution for Git
• New solution for IP threat
detection
• Available on premise
and cloud
27
28. A better way to build complex products
28
code
media
docs
designs
Telling the story in a short version:
Company came to us after they found 2 engineers had stolen a large amount of very high value data
The company spent a year and over a million dollars working with a traditional security player and were unable to deploy a tool that would have detected these two engineers - traditional approaches failed.
They were a Perforce customer and approached Interset and Perforce to see if analytics could be the answer.
The company sent us 30 days of log data, including the theft by these users, to see if we could surface the attack – and it was easy. In two weeks, we had clearly defined the attacks of these two users. We also discovered 11 others that were stealing from them – they had no idea. Three in North America – action has been taken against them – and eight in China currently being investigated.
It is important to understand that the company was struggling with two problems
They had no visibility into the activities in their Perforce environment. They could not see if users were stealing data – or any risky activity
The company had over 20K developers – that means the 30 days of logs contained millions of events that occurred in the Perforce system.
Behavioral analytics was able to collect, correlate, analyze and score all of those events. The result – the users doing bad things scored the highest risk…. And were found.
We can solve the really hard threat problems – we can see things other tools cannot see. How? ...
Other Anecdotes:
Four engineers from a large company over a period of time stole a lot of data when they left the company and went to a competitor. It took this company almost nine months to determine what had happened afterwards. They found out from a 3rd party, a partner of both companies, that suddenly some of the things started looking the same. They were seeing some of the same design specs and the same training manuals were showing up. When they went back and looked, sure enough they found out that this attack had taken place.
Helix Threat Detection could have discovered this suspicious activity while it was happening, tell you exactly who to looked at what, and what to worry about. And you can dig in and look at the activity in terms of a time period, from a person, or from the perspective of a project or file folder structure, and prevent the data theft.
A large company kept inactive projects accessible for a long time. An insider breached the source code of these open projects, and this was undiscovered until many years later when a similar game was observed running and available in China.
In additional to Behavioral Risk algorithms, the Helix Threat Detection product also calculates Entity Risk, summarizing multiple behavioral risk scores or events into a single risk “story”. This completely unique approach reduces noisy false positives to highlight very anomalous activity or combinations of behaviors into a single risk view that focuses attention from limited resources to the top anomalous “risky” threats.
Helix Threat Detection uses advanced behavioral analytics and machine learning to evaluate every event that occurs and applies a risk score to each. It then “connects the dots” of high risk events and surfaces the most important ones to take action on. What caused the risk, who is involved and what projects/files or other assets are at greatest risk are all clearly defined in easy to understand terms and with just one or two clicks.
In screen one, the highest risk account and projects are easily defined. Note that the data is anonymized for privacy protection.
With one click to screen two, the interactions between accounts and projects are defined. Clicking to expand a story brings you to screens 3 and 4 to quickly see the details of the risky actions.
Easy to understand language explains exactly what happened to what project, and who was involved and when.
Helix Threat Detection uses advanced behavioral analytics and machine learning to evaluate every event that occurs and applies a risk score to each. It then “connects the dots” of high risk events and surfaces the most important ones to take action on. What caused the risk, who is involved and what projects/files or other assets are at greatest risk are all clearly defined in easy to understand terms and with just one or two clicks.
In screen one, the highest risk account and projects are easily defined. Note that the data is anonymized for privacy protection.
With one click to screen two, the interactions between accounts and projects are defined. Clicking to expand a story brings you to screens 3 and 4 to quickly see the details of the risky actions.
Easy to understand language explains exactly what happened to what project, and who was involved and when.