
Graph Technology Powers Cybersecurity Situational Awareness

Technology Category
  • Cybersecurity & Privacy - Network Security
Applicable Functions
  • Facility Management
Use Cases
  • Cybersecurity
  • Cybersecurity Services
The Challenge

Cybersecurity researchers at MITRE needed to go beyond rudimentary assessments of security posture and attack response. Doing so required merging isolated data into higher-level knowledge of network-wide attack vulnerabilities and mission readiness.

Noel and his team also struggled to fully comprehend a given security environment and map all known vulnerabilities. Specifically, these goals demanded a flexible architecture that accommodated advanced analytics, ad hoc queries and graph visualization, all of which they lacked at the time.

The Customer

MITRE Corporation

About The Customer

The MITRE Corporation is a federally-funded, not-for-profit company that manages seven national research and development laboratories around the United States – including the Center for National Security – to address issues of cybersecurity. Founded in 1958, MITRE works on projects in fields as diverse as national defense, energy, aviation, healthcare, and cybersecurity, among others, with over 8,000 employees in both its public-private partnerships and its independent research program.

The Solution

When Noel and his team discovered the Neo4j graph database, they used their lessons learned from Cauldron to develop CyGraph, a tool that transforms cybersecurity information into knowledge. It also incorporates mission dependencies, showing how objectives, tasks, and information all depend on other cyber assets. In particular, its knowledge base provides a rich framework for exploring the full stack of entities and relationships relevant to an agency’s mission readiness.

With graph technology, CyGraph is able to prioritize exposed vulnerabilities in mission-critical assets. In the face of attacks, it correlates intrusion alerts to known vulnerability paths and suggests courses of action. For post-attack forensics, it shows vulnerable paths that warrant deeper inspection.

Operational Impact
  • [Data Management - Data Availability]

    Provided government agencies with scalable, comprehensive analytic and visualization capabilities.

  • [Data Management - Cyber Security]
    • Allowed agencies to capture a picture of their cybersecurity environment that connects previously isolated data points.
    • Leveraged existing tools, data sources, and security standards in an environment that focuses on relationships between previously isolated data points.
