Build a complete security operations and compliance program on a Graph DB

Organizer: OWASP Triangle Chapter
Click here for registration info

Speaker: Erkang Zheng

Abstract: Attackers think in graphs; defenders operate with lists. That’s why attackers win.

What if we could have a graph-based, data-driven security and compliance platform that can:

· intelligently analyze my environment,
· automatically keep up with the constant changes and
· help us understand and navigate that complexity

This talk describes how the security and engineering team at LifeOmic built their security operations and automate compliance evidence collection using a graph database. There will also be a live demo of the platform showing the discovery of thousands of assets from connected AWS accounts and other cloud providers; the configuration analysis of these resources; the query and search with graphs to visualize the relevant relationships; as well as the alerts, findings, and compliance mapping. All without the need for additional 3rd party solutions.


Poster: triangletech