Internal threats in today's era are complex and crucial in the cyber security domain. Understanding dynamic and multivariate user behaviour is challenging too. Traditional sequential and time line based methods cannot easily address the complexity of temporal and relational features of user behaviours. Hence, we need an Al based report which enables analysts to understand user behaviour patterns which results in identification of anomalies. We can strengthen our security further by including access management as the core of Zero Trust architecture to create a Zero Trust extended ecosystem.