Recently, exploits detected in open-source software packages (such as Log4j) have increased industry attention on finding a way to monitor, detect, prevent, and repair vulnerabilities and weaknesses in applications. To do so, organizations use detection methods such as static application security testing (SAST), dynamic application security testing (DAST), and more to discover vulnerable software components.
These scanning methods usually discover security flaws in the code, but don't provide the full picture required for a security expert to analyze the software. For example, how could an attacker exploit the detected flaw? And which countermeasures could an organization use to prevent this exploit?
This is where publicly available cybersecurity knowledge graphs such as D3FEND and OWASP OdTM come in. These knowledge graphs hold information about vulnerabilities, their associated attack techniques, and the corresponding countermeasures. Projecting the application flaws onto these fused knowledge graphs allows us to augment each flaw with the context of potential attack techniques and the corresponding countermeasures. In this session we demonstrate how this is done.
First, we build a federated knowledge base of the D3FEND and OdTM knowledge graphs via Neo4j Fabric and NeoSemantics technologies. Then, we build a knowledge graph representation of a cybersecurity finding report composed of flaws detected in application code. Finally, we use a data federation graph query to associate each flaw with information from the knowledge base.
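The final step, sketched as an added example that is not taken from the talk or its slides: a Neo4j 4.x Fabric query that reads flaws from a findings graph and enriches each one from the two knowledge-base graphs. The Fabric database name, graph names, labels, relationship types, properties, and the split of content between the graphs are all hypothetical, and the sketch assumes the graphs are already loaded.

```cypher
// Added example. Every name below is a hypothetical, simplified schema:
//   fabric.findings : (:Finding {id, file})-[:INSTANCE_OF]->(:Weakness {cwe})
//   fabric.odtm     : (:AttackTechnique {attackId, name})-[:EXPLOITS]->(:Weakness {cwe})
//   fabric.d3fend   : (:Countermeasure {name})-[:COUNTERS]->(:AttackTechnique {attackId})
// Which knowledge graph holds which relationship is assumed for illustration.
USE fabric

// 1. Read each flaw and its weakness class from the finding-report graph.
CALL {
  USE fabric.findings
  MATCH (f:Finding)-[:INSTANCE_OF]->(w:Weakness)
  RETURN f.id AS findingId, f.file AS file, w.cwe AS cwe
}

// 2. Correlated subquery: attack techniques associated with that weakness.
//    OPTIONAL MATCH keeps flaws that have no known technique (null row).
CALL {
  USE fabric.odtm
  WITH cwe
  OPTIONAL MATCH (t:AttackTechnique)-[:EXPLOITS]->(:Weakness {cwe: cwe})
  RETURN t.attackId AS attackId, t.name AS technique
}

// 3. Correlated subquery: countermeasures for each technique.
//    A null attackId matches nothing, so the flaw still survives as a row.
CALL {
  USE fabric.d3fend
  WITH attackId
  OPTIONAL MATCH (c:Countermeasure)-[:COUNTERS]->(:AttackTechnique {attackId: attackId})
  RETURN c.name AS countermeasure
}

// 4. One row per flaw; collect() drops nulls, so an empty countermeasures
//    list marks a flaw the knowledge base cannot yet mitigate.
RETURN findingId, file, cwe,
       collect(DISTINCT technique)      AS attackTechniques,
       collect(DISTINCT countermeasure) AS countermeasures
ORDER BY findingId
```

Flaws that come back with an empty `countermeasures` list are the ones to triage by hand, since the join found no mitigation for them.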
Speakers: Gal Engelberg
Format: Lightning Talk 10-15 min
Level: Advanced
Topics: #Analytics, #KnowledgeGraph, #Security, #Cypher, #General, #Advanced
Region: APAC
Slides: https://dist.neo4j.com/nodes-20202-slides/059%20Taking%20Application%20Security%20Insights%20to%20the%20Next%20Level%20With%20Fabric%20and%20NeoSemantics%20-%20NODES2022%20APAC%20Advanced%208%20-%20Gal%20Engelberg.pdf
Visit https://neo4j.com/nodes-2022, learn more at https://neo4j.com/developer/get-started, and engage at https://community.neo4j.com