This detection rule is designed to monitor unauthorized attempts to export data from Bitbucket, specifically focusing on instances where individuals without proper permissions attempt to trigger a full data export. It leverages audit logs generated by Bitbucket when set to an 'Advance' logging level. The rule activates when the audit type is categorized under 'Data pipeline' and an action labeled 'Unauthorized full data export triggered' is detected. The primary goal is to identify potential data breaches or misuse of sensitive data that could lead to security incidents. As unauthorized exports can expose critical repository information, such monitoring is vital for maintaining data integrity and security within Bitbucket environments.