Anomaly scoring using collaborative filtering
US-2020274894-A1 · Aug 27, 2020 · US
US11799893B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11799893-B2 |
| Application number | US-202117563865-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 28, 2021 |
| Priority date | Feb 28, 2019 |
| Publication date | Oct 24, 2023 |
| Grant date | Oct 24, 2023 |
Official abstract text for this publication.
Computer system security is often implemented using rules-based systems (e.g., allow traffic to this network port, deny it for those network ports; user A is allowed access to these files, but not those files). In enterprises, multiple such systems may be deployed, but they cannot intelligently handle anomalies that may technically be permissible but in reality represent a high possibility that there is an underlying threat or problem. The present disclosure describes the ability to build adaptive models using machine learning techniques that integrate data from multiple different domains (e.g., user identity domain, system device domain) and allow for automated decision making and mitigation actions that can provide greater effectiveness than previous systems allowed.
Opening claim text (preview).
What is claimed is:

1. A method, comprising: receiving, by a computer system, an access indication of a particular access attempt to access a particular electronic resource by a particular user; responsive to the receiving the access indication, the computer system accessing: a user behavior model generated based on user behavior patterns derived from previously-received indications of previous access attempts by a plurality of different users for accessing a plurality of different electronic resources, wherein the plurality of different users have different user attributes, and a system access model generated based on access patterns derived from access records associated with the plurality of different electronic resources, wherein the plurality of different electronic resources have different system characteristics; analyzing, by the computer system, the access indication using the user behavior model and the system access model, wherein the analyzing comprises determining that the particular access attempt corresponds to a first user behavior pattern associated with one or more users having one or more common user attributes with the particular user and determining that the particular access attempt corresponds to a first access pattern associated with one or more electronic resources having one or more common system characteristics with the particular electronic resource; based on a result of the analyzing the access indication using the user behavior model and the system access model, the computer system identifying one or more access anomalies related to the particular access attempt to access the particular electronic resource; and implementing, by the computer system, one or more mitigation actions based on the one or more access anomalies.

2. The method of claim 1, wherein the plurality of different electronic resources includes at least two different types of electronic resources, the at least two different types of electronic resources comprising at least two of a network communications port, a computer file, a database table, or an operational database including data for a plurality of users.

3. The method of claim 1, wherein the plurality of different users includes at least two users with a differing attribute including at least one of: a geographical location, a user identifier, user account privileges, or a membership in a particular company department.

4. The method of claim 1, wherein the previously-received indications of previous access attempts include: a user identifier corresponding to a user account associated with the access attempt, a user level of access identifier associated with the user account, a device identifier corresponding to a particular device used to attempt access, a time period associated with the access attempt, an access location associated with the access attempt, or a result of the access attempt, wherein the user behavior model includes expected user access profiles for one or more of the plurality of users based on the previously-received indications, and wherein the identifying the one or more access anomalies is based on a comparison between the particular access indication to the expected user access profiles.

5. The method of claim 1, wherein the particular electronic resource includes a plurality of components, wherein the access records include: one or more indications of when a particular component was previously accessed, one or more first indications of particular user accounts used to access the particular component, one or more second indications of access locations associated with previous access attempts, wherein the system access model includes expected system access profiles for one or more of the plurality of components based on the access records, and wherein the identifying the one or more access anomalies is based on a comparison between the particular access indication to the expected system access profiles.

6. The method of claim 1, wherein the one or more mitigation actions include one or more of granting partial access to the electronic resource, denying access to the electronic resource, requiring additional verification from the particular user, or transmitting an alert to an entity other than the particular user.

7. The method of claim 1, wherein the access indication is for an access by an internal user to a database containing transactional information for a plurality of users of an electronic transaction service.

8. The method of claim 1, wherein the user behavior model and the system access model were created using one or more machine learning algorithms, and wherein the method further comprises: updating at least one of the user behavior model or the system access model based on additional access attempt data for one or more of the plurality of electronic resources.

9. The method of claim 1, wherein the computer system comprises one or more computing devices of an entity, wherein the electronic resource is a resource connected to an intranet of the entity, and wherein the particular user is an employee or contractor of the entity.

10. A non-transitory computer-readable medium storing instructions that when executed by a computer system cause the computer system to perform operations comprising: receiving an access indication of a particular access attempt to access a particular electronic resource by a particular user; responsive to the receiving the access indication, accessing: a user behavior model generated based on user behavior patterns derived from previously-received indications of previous access attempts by a plurality of different users for accessing a plurality of different electronic resources, wherein the plurality of different users have different user attributes, and a system access model generated based on access patterns derived from access records associated with the plurality of different electronic resources, wherein the plurality of different electronic resources have different system characteristics; analyzing the access indication using the user behavior model and the system access model, wherein the analyzing comprises determining that the particular access attempt corresponds to a first user behavior pattern associated with one or more users having one or more common user attributes with the particular user and determining that the particular access attempt corresponds to a first access pattern associated with one or more electronic resources having one or more common system characteristics with the particular electronic resource; based on a result of the analyzing the access indication using the user behavior model and the system access model, identifying one or more access anomalies related to the particular access attempt to access the particular electronic resource; and implementing one or more mitigation actions based on the one or more access anomalies.

11. The non-transitory computer-readable medium of claim 10, wherein the operations further comprise: electronically receiving human feedback regarding a result of the implemented one or more mitigation actions, wherein the human feedback is not from the particular user; and updating a mitigation model based on the human feedback, wherein the updating causes the mitigation model to be more likely or less likely to select the one or more mitigation actions for a future access attempt to the electronic resource that shares characteristics with the particular access attempt.

12. The non-transitory computer-readable medium of claim 10, wherein the operations further comprise excluding data for a plurality of access attempts to an identified electronic resource when building at least one of the user b
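The following is an added illustration of the two-model analysis that claims 1 through 6 describe; it is not code from the patent or from its assignee. It assumes, as simplifications the patent text does not specify, that a user's cohort is the set of users sharing a department (claim 3's "common user attributes"), a resource's cohort is the set of resources sharing a type (claim 2's "common system characteristics"), each cohort profile is a per-feature frequency table, and a feature's rarity is one minus its frequency in the cohort. The access history and the three attempts are constructed sample data; the thresholds and mitigation names are assumptions chosen to exercise each action kind listed in claim 6.

```python
"""Toy two-model access anomaly scorer (added example; assumptions noted inline)."""
from collections import Counter, defaultdict

# Constructed history of previous access attempts; field names loosely follow claims 4 and 5.
HISTORY = [
    dict(user="alice", department="finance", location="NYC", hour=10, resource="ledger_db",    resource_type="database_table"),
    dict(user="alice", department="finance", location="NYC", hour=14, resource="ledger_db",    resource_type="database_table"),
    dict(user="bob",   department="finance", location="NYC", hour=9,  resource="ledger_db",    resource_type="database_table"),
    dict(user="bob",   department="finance", location="NYC", hour=16, resource="payroll.xlsx", resource_type="computer_file"),
    dict(user="carol", department="eng",     location="SFO", hour=11, resource="build_port",   resource_type="network_port"),
    dict(user="carol", department="eng",     location="SFO", hour=23, resource="build_port",   resource_type="network_port"),
    dict(user="dave",  department="eng",     location="SFO", hour=13, resource="build_port",   resource_type="network_port"),
    dict(user="dave",  department="eng",     location="SFO", hour=2,  resource="src_repo",     resource_type="computer_file"),
]

# Assumption: the user behavior model profiles when, from where and what kind of resource a
# cohort accesses; the system access model profiles who, from where and when a resource type is accessed.
USER_MODEL_FEATURES = ("hour_bucket", "location", "resource_type")
SYSTEM_MODEL_FEATURES = ("department", "location", "hour_bucket")


def hour_bucket(hour):
    """Coarse time-of-day period so a profile does not need one count per hour (assumed bucketing)."""
    if hour < 6:
        return "night"
    if hour < 12:
        return "morning"
    if hour < 18:
        return "afternoon"
    return "evening"


def _features(record):
    return {
        "hour_bucket": hour_bucket(record["hour"]),
        "location": record["location"],
        "department": record["department"],
        "resource_type": record["resource_type"],
    }


def build_model(history, cohort_key, feature_names):
    """Group records into cohorts sharing `cohort_key` and count each feature value per cohort."""
    model = defaultdict(lambda: {name: Counter() for name in feature_names})
    for record in history:
        feats = _features(record)
        profile = model[record[cohort_key]]
        for name in feature_names:
            profile[name][feats[name]] += 1
    return model


def rarity(counter, value):
    """0.0 when every prior access in the cohort had this value, 1.0 when the cohort has never seen it."""
    total = sum(counter.values())
    return 1.0 if total == 0 else 1.0 - counter[value] / total


def score_attempt(attempt, user_model, system_model, anomaly_threshold=0.75):
    """Check the attempt against its user cohort and its resource cohort; return (score, anomalies)."""
    feats = _features(attempt)
    checks = []
    user_profile = user_model.get(attempt["department"], {})      # .get so an unknown cohort is not created
    for name in USER_MODEL_FEATURES:
        checks.append(("user." + name, rarity(user_profile.get(name, Counter()), feats[name])))
    system_profile = system_model.get(attempt["resource_type"], {})
    for name in SYSTEM_MODEL_FEATURES:
        checks.append(("system." + name, rarity(system_profile.get(name, Counter()), feats[name])))
    score = sum(r for _, r in checks) / len(checks)                # mean rarity across both models
    anomalies = [label for label, r in checks if r >= anomaly_threshold]
    return score, anomalies


def choose_mitigation(score, anomalies, deny_threshold=0.8):
    """Map the analysis result to the action kinds listed in claim 6 (thresholds are assumptions)."""
    if not anomalies:
        return ["grant_access"]
    if score >= deny_threshold:
        return ["deny_access", "alert_security_team"]
    return ["require_additional_verification"]


def evaluate(attempt, history=HISTORY):
    """Build both models from history, analyze one access indication, and pick a mitigation."""
    user_model = build_model(history, "department", USER_MODEL_FEATURES)
    system_model = build_model(history, "resource_type", SYSTEM_MODEL_FEATURES)
    score, anomalies = score_attempt(attempt, user_model, system_model)
    return {"score": round(score, 3), "anomalies": anomalies, "mitigation": choose_mitigation(score, anomalies)}


if __name__ == "__main__":
    # Constructed attempts: an in-pattern access, an off-hours access from an unseen location to a
    # resource type the cohort never touches, and a borderline after-hours file access.
    for attempt in (
        dict(user="alice", department="finance", location="NYC",   hour=11, resource="ledger_db",    resource_type="database_table"),
        dict(user="alice", department="finance", location="Lagos", hour=3,  resource="build_port",   resource_type="network_port"),
        dict(user="bob",   department="finance", location="NYC",   hour=20, resource="payroll.xlsx", resource_type="computer_file"),
    ):
        print(attempt["user"], evaluate(attempt))
```

The point of consulting two models is visible in the third attempt: the user cohort alone flags the hour and the unusual resource type, while the resource cohort independently flags the hour, and the combined score lands in the range where a step-up verification, rather than an outright denial, is the proportionate response. A production system would replace the frequency tables with learned models (claim 8) and fold in reviewer feedback on the chosen action (claim 11), but the cohort-comparison structure is the same.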
CPC classification titles:

- Supervised learning
- Auto-encoder networks; Encoder-decoder networks
- Traffic logging, e.g. anomaly detection
- by observing the pattern of computer usage, e.g. typical user behaviour
- Extracting rules from data