059 Taking Application Security Insights to the Next Level With Fabric and NeoSemantics – NODES2022
These scanning methods usually discover security flaws in the code, but don’t provide the full picture required for a security expert to analyze the software. For example, how could an attacker exploit the detected flaw? And which countermeasures could an organization use to prevent this exploit?
At this point, publicly available cybersecurity knowledge graphs such as D3FEND and OWASP OdTM come in. These knowledge graphs hold information about vulnerabilities, their associated attack techniques, and the corresponding countermeasures. A projection of the application flaws over these fused knowledge graphs allows us to augment each flaw with the context of potential attack techniques, and the corresponding countermeasures. In this session we demonstrate how this is done.
First, we build a federated knowledge base of the D3FEND and OdTM knowledge graphs via Neo4J Fabric and NeoSemantics technologies. Then, we build a knowledge graph representation of a cybersecurity finding report composed of flaws detected in application code. Finally, we use a data federation graph query to associate each flaw with information from the knowledge base.
Speakers: Gal Engelberg
Format: Lighting Talk 10-15 min
Level: Advanced
Topics: #Analytics, #KnowledgeGraph, #Security, #Cypher, #General, #Advanced
Region: APAC
Slides: https://dist.neo4j.com/nodes-20202-slides/059%20Taking%20Application%20Security%20Insights%20to%20the%20Next%20Level%20With%20Fabric%20and%20NeoSemantics%20-%20NODES2022%20APAC%20Advanced%208%20-%20Gal%20Engelberg.pdf
Visit https://neo4j.com/video/nodes-2022/ learn more at https://neo4j.com/developer/get-started and engage at https://community.neo4j.com
Related Videos
GS Nordics – Neo4j Product Vision & Roadmap
GS Nordics – Green Cargo – Creating a Digital Twin of Freight Train Operations Using Neo4j
