Leveraging Graph Technology for Enhanced Cybersecurity: A Case Study on MITRE's CyGraph
Technology Category
- Application Infrastructure & Middleware - Data Visualization
- Infrastructure as a Service (IaaS) - Cloud Databases
Applicable Industries
- Equipment & Machinery
- National Security & Defense
Applicable Functions
- Product Research & Development
Use Cases
- Cybersecurity
- Intrusion Detection Systems
Services
- Cybersecurity Services
- System Integration
The Challenge
MITRE, a federally funded, not-for-profit company that manages seven national research and development laboratories in the United States, was struggling to manage an influx of cybersecurity data. Constant changes in network environments were affecting the security posture of U.S. government agencies. Intrusion alerts, anti-virus warnings, and seemingly benign events such as logins, service connections, and file share access could all be associated with adversary activity. The cybersecurity researchers at MITRE needed to go beyond rudimentary assessments of security posture and attack response. This required merging isolated data into higher-level knowledge of network-wide attack vulnerabilities and mission readiness. The challenge was not a lack of information but the difficulty of assembling disparate pieces of information into an overall analytic picture for situational awareness, optimal courses of action, and maintaining mission readiness. The team also struggled to fully comprehend a given security environment and to map all known vulnerabilities.
The Customer
MITRE Corporation
About The Customer
The MITRE Corporation is a not-for-profit organization that operates federally funded research and development centers in the United States. Founded in 1958, MITRE works on projects in diverse fields such as national defense, energy, aviation, healthcare, and cybersecurity. The organization manages seven national research and development laboratories, including the Center for National Security, to address issues of cybersecurity. With over 8,000 employees, MITRE operates both public-private partnerships and an independent research program. The organization's work is primarily focused on providing support to government agencies.
The Solution
To overcome these challenges, the MITRE team developed CyGraph, a tool that consolidates cybersecurity information into knowledge, using the Neo4j graph database. CyGraph brings together isolated data and events into an ongoing big picture for decision support and situational awareness. The model schema in CyGraph is free to evolve with the available data sources and desired analytics, rather than being fixed at design time. This dynamically evolving tool provides context for reacting appropriately to attacks and protecting mission-critical network assets. It also incorporates mission dependencies, showing how objectives, tasks, and information all depend on other cyber assets. CyGraph prioritizes exposed vulnerabilities in mission-critical assets, correlates intrusion alerts to known vulnerability paths, suggests courses of action, and shows vulnerable paths that warrant deeper inspection for post-attack forensics.
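A minimal sketch of the graph correlation described above, added here as an illustration; it is not CyGraph's code or schema. Host names, vulnerability labels, the dependency layout and all function names are constructed assumptions, and plain Python stands in for the Neo4j database.

```python
from collections import defaultdict

# Constructed sample data; every name below is a placeholder.
# Exploit edges: (from_host, to_host, vulnerability exploitable on to_host)
EXPLOITS = [("internet", "web01", "VULN-A"), ("web01", "app01", "VULN-B"),
            ("web01", "file01", "VULN-C"), ("app01", "db01", "VULN-D"),
            ("file01", "hr01", "VULN-E")]
# Mission dependencies: objective -> task -> information -> cyber asset
DEPENDS_ON = {"mission:logistics": ["task:track-shipments"],
              "task:track-shipments": ["info:shipment-records"],
              "info:shipment-records": ["db01"]}
# Intrusion alerts: (alert id, source host, destination host)
ALERTS = [("a1", "web01", "app01"), ("a2", "file01", "hr01"),
          ("a3", "internet", "web01")]

def critical_assets(mission, depends_on=DEPENDS_ON):
    """Follow dependency edges from a mission down to the hosts it relies on."""
    children = depends_on.get(mission)
    if not children:
        return {mission}
    return set().union(*(critical_assets(c, depends_on) for c in children))

def vulnerable_paths(entry, targets, exploits=EXPLOITS):
    """Enumerate simple exploit paths from an entry point to any target host."""
    graph = defaultdict(list)
    for src, dst, vuln in exploits:
        graph[src].append((dst, vuln))
    paths = []
    def walk(host, path, seen):
        if host in targets:
            paths.append(path)
            return
        for dst, vuln in graph[host]:
            if dst not in seen:  # simple paths only, so cycles terminate
                walk(dst, path + [(host, dst, vuln)], seen | {dst})
    walk(entry, [], {entry})
    return paths

def correlate(alerts, paths):
    """Keep alerts that sit on a known path; rank by hops left to the target."""
    hits = []
    for alert_id, src, dst in alerts:
        for path in paths:
            for i, (s, d, vuln) in enumerate(path):
                if (s, d) == (src, dst):
                    hits.append((len(path) - 1 - i, alert_id, vuln))
    return sorted(set(hits))
```

On the sample data, alert `a2` is dropped because it does not lie on any path to a mission-critical asset, while `a1` ranks first because only one exploit step separates it from `db01`.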
Operational Impact