Nodes2024

Dev Conference by Neo4j

Cybersecurity Risk Assessment Using LLM Agents and Graph Data Science

Session Track: Graphs

Session Time:

Session description

We present a novel approach to protecting the network assets of an enterprise by leveraging the power of large language models (LLMs) and graphs. LLM-powered agents compile threat intelligence from different sources such as RSS, STIX feeds, security analyst reports and websites. The agents use patterns of planning and reflection to validate the threat intelligence and clearly identify indicators of compromise (IoCs) such as malicious IP addresses, file hashes, and alarms in log files. The filtered intelligence is then mapped to a configuration management database (CMDB), which is represented as a graph with computers as nodes and connections and flows as edges. The CMDB, stored in the Neo4j graph database, is used to query specific nodes and assign them a risk value based on threat intel. Using graph algorithms, we predict the propagation of risk in the network. Nodes that are closer to an affected node may be more susceptible to attack than nodes that are multiple hops away. Using node centrality, we calculate the risk for each node, and this metric helps plan mitigation steps for each node. IT teams can prioritize nodes at high risk, patching them first and monitoring them for further attacks. The holistic system enhances existing SIEM and SOAR systems with improved threat intelligence compilation, a copilot for asking free-form questions, and graph data science for measuring risk and propagating it across the network. The system will help reduce false positives in threat intelligence, provide a risk assessment view of network assets, and help provide recommendations based on past cases and knowledge bases like MITRE.
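An added example, not code from the session or its speakers: one simple way to model the hop-based risk propagation and centrality weighting described above, in plain Python. The host names, the IoC seed value, the 0.5 per-hop decay and the degree-centrality scoring formula are all assumptions made for illustration.

```python
from collections import deque

# Constructed CMDB sample: undirected connectivity between hypothetical hosts.
CMDB_EDGES = [
    ("web-01", "app-01"), ("web-02", "app-01"), ("app-01", "db-01"),
    ("app-01", "cache-01"), ("db-01", "backup-01"), ("jump-01", "db-01"),
]
# Constructed threat-intel match: host where an IoC was seen, seed risk in [0, 1].
IOC_HITS = {"web-01": 0.9}

def build_adjacency(edges):
    adj = {}
    for a, b in edges:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj

def hop_distances(adj, source):
    """Breadth-first search: hop count from source to every reachable node."""
    dist = {source: 0}
    queue = deque([source])
    while queue:
        node = queue.popleft()
        for nxt in adj[node]:
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist

def propagate_risk(adj, seeds, decay=0.5):
    """Assumed model: node risk = max over seeds of seed_risk * decay**hops."""
    risk = {n: 0.0 for n in adj}  # unreachable nodes keep risk 0
    for seed, seed_risk in seeds.items():
        if seed not in adj:  # IoC host missing from the CMDB: nothing to map
            continue
        for node, hops in hop_distances(adj, seed).items():
            risk[node] = max(risk[node], seed_risk * decay ** hops)
    return risk

def prioritize(adj, seeds, decay=0.5):
    """Rank nodes by propagated risk weighted by degree centrality (assumed)."""
    risk = propagate_risk(adj, seeds, decay)
    n = len(adj)
    score = {v: risk[v] * (1 + len(adj[v]) / (n - 1)) for v in adj}
    return sorted(score.items(), key=lambda kv: (-kv[1], kv[0]))
```

With the constructed data, `db-01` outranks `web-02` and `cache-01` even though all three are two hops from the affected host, because it has more connections.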

Speakers

Dattaraj Rao

Chief Data Scientist, Persistent

Dattaraj Rao is the author of the book “Keras to Kubernetes: The journey of a Machine Learning model to Production”. Dattaraj leads the AI Research Lab at Persistent and is responsible for driving thought leadership in AI/ML across the company. He leads a team that explores the state of the art in Generative AI, Large Language Models, Computer Vision, Natural Language Understanding, Responsible AI and more, and demonstrates applicability in Healthcare, Banking and Industrial domains. Earlier, he worked at General Electric (GE) for 19 years building Industrial IoT solutions for Predictive Maintenance, Digital Twins and Machine Vision. He held several Technology Leadership roles at Global Research, GE Power and Transportation (now part of Wabtec). He led the Innovation team out of Bangalore that incubated video track-inspection from an idea into a commercial product. Dattaraj has 11 patents in Machine Learning and Computer Vision areas.

Venkateshwar Tyagi

Senior Manager, Persistent

Venkateshwar Tyagi is Senior Manager – Offerings and Solutions at Persistent’s CTO Organization. He holds an MBA from IIM Ahmedabad and brings a unique blend of business acumen and technical expertise, leveraging years of experience in protecting critical information infrastructure.

Sadashiv Borkar

Senior Data Scientist, Persistent

As a researcher in the CTO AI Research Lab at Persistent, I specialize in leveraging Generative AI and Knowledge Graphs to address complex business challenges. My work focuses on developing innovative solutions that bridge cutting-edge AI technologies with practical applications, driving value and efficiency across various industry sectors.