Security Operations, Engineering, and Intelligence Integration Through the Power of Graph(DB)!
The ability to properly categorize and visualize attacks, security tool efficacy, and targeting trends has previously been cumbersome at best and impossible at worst.
Through proper schema design a graph database can be used to represent all assets and entities involved in business operations and security both internal and external to your organization. This data can then be used to accurately track and attribute attacks, measure tool and team efficacy/ROI and isolate high risk targets and gaps present in your security posture down to a granular level impossible by other means.
The graph database model also allows for incredibly complex queries to be returned in milliseconds to include unknown distance questions, such as "Which Exploits have actors from China used against our Development team in the last twelve months?" or "Which IDS rules are in place to defend from malware used by XXXX group?" or "Display all C2 domains beaconed to over port 80 by malware delivered by Watering Hole attack"
By treating things as entities which they are in real life, and forming contextful relationships between them we can begin to make sense of the piles of data and gain insight into our weaknesses.