Why Security Graph Analytics?
The determination of patterns to illuminate nefarious or illicit behavior requires an Engine that incorporates the complexities of human interactions with entities and machines. Relational databases fail to take the analyst further in their investigations since detection relies on establishing edges (connections such as emails, phone calls, financial transactions, social media communications) between nodes (human, places, things) from both structured and unstructured data. The uncovering of a cyber threat, covert financial transaction, strategic influencer or the genesis of hateful ideologue requires an Engine that understands the complexity of human life. The Cray Graph Engine thrives in this complexity and has no rivals in discerning the frequency and distance of thousands and millions of nodes.
Cyber security graph analytics joins the Cray Graph Engine’s capability with billions of cyber-related data to provide the NOC analyst with non-signature based detection of the nation-state or criminal sponsored collection, exfiltration and exploitation of a company’s intellectual property. Multiple analytics workloads can be run concurrently on a single platform, exploiting the speed of supercomputing to identify relationships and look for behavioral patterns from billions of data points from hundreds of thousands of sources. In this confluence of big data and graph visualization, advanced persistent threats do not succeed in establishing a foothold nor moving laterally within the network. The CGE, operating within the Cray Urika GX, employs advanced machine learning methods and the high-speed parallelism of the Aries interconnect to detect the ever-evolving tactics of the adversary.