Principal claim

1. A computer-implemented method of identifying malicious code insertion in trusted environments, the method comprising the steps of:
(a) connecting an analysis server to a computing device utilized by a software developer to develop at least a portion of a software program;
(b) collecting, via a plurality of sensor modules coupled to the analysis server, behavioral tracking data from the computing device, the behavioral tracking data indicating a software developer behavior during software development and including metadata indicating a development action, the development action caused by the software developer behavior;
(c) storing, in a database communicatively coupled to the analysis server, the behavioral tracking data;
(d) analyzing, via the analysis server, the software program for the presence of malicious code, the analysis including a comparison of the stored behavioral tracking data to a baseline behavior parameter stored in the database;
(e) flagging, via the analysis server, the development action where the analysis indicates malicious code insertion; and
(f) presenting, via a user interface communicatively coupled to the analysis server, an analysis report, the analysis report comprising an analyzing step result and a flagging step result.