Attack of the Graph: Visual Tools for Cyber Analysis - Christian Miles

BSides Vancouver 2021 If you want to understand cybersecurity risks it pays to understand the various graph models that underpin systems and processes in use today. Visual analysis of these models using powerful graph theory is a vital tool to build situational awareness. Complex network analysis is used with machine learning to recognise threats and highlight risks. In this vendor-agnostic talk, Christian will focus on four key graph types: - Dependency analysis: Tracing the downstream vulnerabilities for a process of interest - Threat intelligence: Connecting disparate data points through knowledge graphs of related observations - Asset relationships: Links between devices and the access rights (and wrongs!) of their users - User and Entity Behaviour Analytics: user and device logs, the actions they take and the patterns formed The visual presentation will cover analysis techniques used to identify threats for each of the models along with technologies used to communicate their scope and severity.