Presented By O'Reilly and Cloudera
Make Data Work
September 26–27, 2016: Training
September 27–29, 2016: Tutorials & Conference
New York, NY

Streaming cybersecurity into Graph: Accelerating data into Datastax Graph and Blazegraph

Joshua Patterson (NVIDIA), Mike Wendt (NVIDIA), Keith Kraus (NVIDIA)
1:15pm–1:55pm Thursday, 09/29/2016
Security
Location: River Pavilion
Level: Beginner

Prerequisite knowledge

  • A basic knowledge of Kafka and Spark

What you'll learn

  • Learn best practices for streaming with Apache Kafka, Spark, and Flink for cybersecurity
  • Learn best practices for structuring data in Datastax Graph and Blazegraph
  • Understand how graph analysis is accelerating threat detection

Description

    Traditional security tools like security information and event managers (SIEMs) are struggling to keep up with the terabytes of event data (250M to 2B events) being generated each day from an ever-growing number of devices. Cybersecurity has become a data problem, and enterprises need to respond with scalable solutions to enable effective hunting and combat evolving attacks. Rethinking the cybersecurity problem as a data-centric problem led Accenture Labs’s Cybersecurity team to use emerging big data tools along with new approaches such as graph databases and analysis to exploit the connected nature of the data to its advantage. Joshua Patterson, Michael Wendt, and Keith Kraus explain how Accenture Labs’s Cybersecurity team is using Apache Kafka, Spark, and Flink to stream data into Blazegraph and Datastax Graph to accelerate cyber defense.

    Leveraging Datastax Graph and Blazegraph allows Accenture Labs to greatly accelerate query and analysis performance compared to traditional security tools like SIEM. Josh, Michael, and Keith share the challenges of fitting cybersecurity data into each of the graph structures, as well as the ways they exploited the connectedness of events to discover new threats that would have been missed in traditional SIEM tools. In addition, they explain how they use GPUs to accelerate graph analysis by using Blazegraph DASL. Josh, Michael, and Keith end by demonstrating how to efficiently and effectively stream data into these graph databases using best-in-breed technologies such as Apache Kafka, Spark, and Flink and touch on why Kudu is becoming an integral part of Accenture’s technology stack. Utilizing these technologies, clients have supercharged their security analysts’ cyber-hunting abilities and are uncovering threats faster.

    Joshua Patterson

    NVIDIA

    Joshua Patterson is the director of applied solutions engineering at NVIDIA. Previously, Josh worked with leading experts across the public and private sectors and academia to build a next-generation cyberdefense platform. He was also a White House Presidential Innovation Fellow. His current passions are graph analytics, machine learning, and GPU data acceleration. Josh also loves storytelling with data and creating interactive data visualizations. He holds a BA in economics from the University of North Carolina at Chapel Hill and an MA in economics from the University of South Carolina’s Moore School of Business.

    Mike Wendt

    NVIDIA

    Mike Wendt is a Manager of Applied Solutions Engineering at NVIDIA. His research work has focused on leveraging GPUs for big data analytics, data visualizations, and stream processing. Prior to joining NVIDIA, Mike led engineering work on big data technologies like Hadoop, Datastax Cassandra, Storm, Spark, and others. In addition, Mike has focused on developing new ways of visualizing data and the scalable architectures to support them. Mike holds a BS in computer engineering from the University of Maryland.

    Keith Kraus

    NVIDIA

    Keith Kraus is a Senior Engineer of Applied Solutions Engineering at NVIDIA in the Washington, DC, area. At NVIDIA, Keith’s focus is on building GPU-accelerated solutions around data engineering, analytics, and visualization. Prior to working for NVIDIA, Keith did extensive data engineering, systems engineering, and data visualization work in the cybersecurity domain focused on building a GPU-accelerated big data solution for advanced threat detection and cyber-hunting capabilities. Previously, Keith was a member of a research team that built a tool designed to optimally place automated defibrillators in urban environments. Keith graduated from Stevens Institute of Technology with a BEng in computer engineering and an MEng in networked information systems.