In the context of cybernality, the terms graph database, knowledge graph and intel graph are often used. By these we mean the database technology and its content, which together form the central source of knowledge for cybernality. A graph database is a type of database designed to store, manage, and query data in the form of nodes, edges, and properties. Unlike relational databases, which organize data into rows and columns, graph databases represent data as a network of relationships, making them well suited to complex, interconnected data.
Nodes: Represent entities, such as ResultItems, CVEs, or Groups.
Edges: Represent the connections or relationships between nodes.
Properties: Attributes or metadata associated with nodes and edges.
Our graph database uses a query language called Cypher (Neo4j), enabling intuitive exploration of relationships.
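The node, edge and property model described above, as an added Cypher example that is not taken from the cybernality schema. The labels ResultItem, CVE and Group come from the node examples on this page; the relationship types, property names and all sample values are assumptions constructed for illustration.

```cypher
// Constructed sample data. Relationship types (MENTIONS, EXPLOITS) and all
// property names are hypothetical, not the product's actual schema.
CREATE (g:Group {name: 'EXAMPLE-GROUP'})
CREATE (c:CVE {id: 'CVE-0000-0000', severity: 'high'})  // placeholder id
CREATE (r1:ResultItem {title: 'Constructed advisory', source: 'feed-a'})
CREATE (r2:ResultItem {title: 'Constructed blog post', source: 'feed-b'})
// Edges carry their own properties, just like nodes.
CREATE (r1)-[:MENTIONS {first_seen: date('2024-01-01')}]->(c)
CREATE (r2)-[:MENTIONS {first_seen: date('2024-01-03')}]->(c)
CREATE (g)-[:EXPLOITS {confidence: 'medium'}]->(c);

// Which result items are linked to a group through a shared CVE?
// The pattern traverses two edges in one MATCH; a relational schema
// would need joins across several tables for the same question.
MATCH (g:Group)-[e:EXPLOITS]->(c:CVE)<-[m:MENTIONS]-(r:ResultItem)
WHERE c.severity = 'high'
RETURN g.name        AS group_name,
       c.id          AS cve,
       e.confidence  AS confidence,
       r.title       AS result_item,
       m.first_seen  AS first_seen
ORDER BY m.first_seen;
```

With the sample data, the query returns two rows, one per ResultItem that mentions the CVE, ordered by the `first_seen` property stored on the MENTIONS edge.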
Our cybersecurity graph is a specialized application of a graph database designed to model and analyze cybersecurity data. It leverages the inherent interconnectedness of cybersecurity information to detect patterns, analyze risks, and understand relationships between various entities, such as vulnerabilities, exploits, systems, and actors.
A graph database has the following advantages:
Relationship-Centric: Optimized for queries that traverse relationships.
Flexibility: Schema-less or semi-structured, adapting to evolving data models.
Performance: Efficient for traversing and querying deep or complex connections.
Visualization: Natural fit for graph-based visualizations.
Our cybersecurity graph delivers added value in the following form:
Holistic View: Provides a unified view of cybersecurity data, connecting disparate silos.
Advanced Analytics: Supports path analysis, clustering, and pattern detection to identify risks and threats.
Timely Insights: Enables dynamic querying and exploration of relationships.
By combining the power of graph databases with the interconnected nature of cybersecurity data, our intel graph becomes a critical tool for proactive threat management, efficient incident response, and strategic decision-making.