Identity is based on relationships. Graph databases ensure those connections are current, scoped to actual requirements, and secure. David Rosenblum will discuss how customers from large financial institutions to smart home security systems are IAM enabled with Neo4j.
2. Neo4j: #1 Graph Database AND Graph Analytics Platform
Neo4j is an enterprise-grade native graph database and analytics platform
that enables you to:
• Store, reveal and query data relationships
• Analyze and recognize patterns in those connections
• Add context and connect new data on the fly for continuous innovation
• Performance
• ACID Transactions
• Security
• Large Community
2
Designed, built and supported
for enterprises with:
• Graph Algorithms
• Integrations
• Global Scale
• Graph Adoption
3. What Is Different In Neo4j?
3
TRADITIONAL
DATABASES
Store and retrieve data
Real time storage & retrieval
Up to
3
Max #
of
hops
4. What Is Different In Neo4j?
4
TRADITIONAL
DATABASES
NoSQL/BIG DATA
TECHNOLOGY
Store and retrieve data Aggregate and filter data
Real time storage & retrieval
Long running queries
Aggregation & filtering
Up to
3
Max #
of
hops
1
5. What Is Different In Neo4j?
5
TRADITIONAL
DATABASES
NoSQL/BIG DATA
TECHNOLOGY
Store and retrieve data Aggregate and filter data Connections in data
Real time storage & retrieval Real-Time Connected Insights
Long running queries
Aggregation & filtering
Up to
3
Max #
of
hops
1 Millions
6. CAR
name: “Dan”
born: May 29, 1970
twitter: “@dan”
name: “Ann”
born: Dec 5, 1975
since:
Jan 10, 2011
brand: “Volvo”
model: “V70”
Native Property Graph Model
Nodes
• The objects in the graph
• Can have name-value properties
• Can be labeled
Relationships
• Relate nodes by type and
direction
• Can have name-value properties
LOVES
LOVES
LIVES WITH
PERSON PERSON
9. Graph Model: Agility
Has Rating
Has Allergy
TripAdvisor
Rating: 9
Allergy:
Gluten
What Sushi restaurants are in New York that my
friends who are Gluten Free like that have ratings
over 8?
10. ACCOUNT
HOLDER 2
ACCOUNT
HOLDER 1
ACCOUNT
HOLDER 3
CREDIT
CARD
BANK
ACCOUNT
BANK
ACCOUNT
BANK
ACCOUNT
PHONE
NUMBER
UNSECURED
LOAN
SSN 2
UNSECURED
LOAN
Modeling To Uncover Fraud
At first glance, each
account holder looks
normal.
Each has multiple
accounts…
12. Popularity of Graphs
DB-engines Ranking of Database Categories
• Graph DBMS
• Key-value stores
• Document stores
• Wide column store
• RDF stores
• Time stores
• Native XML DBMS
• Object oriented DBMS
• Multivalue DBMS
• Relational DBMS
Graph DB
2013 2014 2015 2016 2017 2018 2019
13. Development &
Administration
Analytics
Tooling
Graph
Analytics
Graph
Transactions
Data Orchestration
Discovery & VisualizationDrivers & APIs
A
I
Neo4j Database
• ACID compliant
• Real-time transactions
and traversal applications
The Neo4j Graph Platform surrounds Neo4j Enterprise
Neo4j Desktop, the
developers’ mission
control console
• Free, registered local license
of Enterprise Edition
• APOC library installer
• Algorithm library installer
Data Orchestration
• Kettle for Neo4j world class
data orchestration, with
purpose-built integration with
Neo4j
• Data Importer for fast data
ingestion
• Data Lake integrator
materializes graphs from
Apache Hadoop, Hive and
Spark
Graph Analytics
• Graph Algorithms support
PageRank, Centrality and
Path Finding
• Cypher for Apache Spark
from openCypher.org
supports graph composition
(sub-graphs) and algorithm
chaining
Discovery &
Visualization
• Linkurious & Bloom
• Integration with popular
visualization vendors
• Neo4j Browser and custom
visualizations allow graph
exploration
Bolt, GraphQL, Java and more
• Secure, Causal Clustering
• High-speed analytic processing
• On-prem, Docker & cloud delivery
14. Trend No. 5: Graph
…
The application of graph processing and graph DBMSs will grow at 100
percent annually through 2022 to continuously accelerate data preparation
and enable more complex and adaptive data science.
…
Graph analytics will grow in the next few years due to the need to ask
complex questions across complex data, which is not always practical or
even possible at scale using SQL queries.
https://www.gartner.com/en/newsroom/press-releases/2019-02-18-gartner-identifies-top-10-data-and-analytics-technolo
February 18, 2019
15. Better Predictions with Graphs
Using the Data You Already Have
• Current data science models ignore network structure
• Graphs add highly predictive features to ML models, increasing accuracy
• Otherwise unattainable predictions based on relationships
Machine Learning Pipeline
15
17. Graph Features Improve Accuracy
Connected components to identify disjointed graphs
sharing identifiers
PageRank to measure influence and transaction volumes
Louvain to identify communities that frequently interact
Jaccard to measure account similarity
Graph-Connected Feature Engineering
Detecting Financial Fraud
Large financial institutions have existing pipelines to identify fraud via heuristics and models
17
18.
19. Neo4j Bloom – Graph Visualization
Expand that selection and learn more about this
suspect group of AcountHolders
E.g. shared phone number, IP address, etc..
20. 20
Personalization Fraud
Detection
Network
Operations
Master Data
Manageme
nt
Knowledge
Graph
Identity and
Access
Management
Common Graph Technology Use Cases
Real-time Product
Recommendations,
C360, Marketing Data
Platform, Customer
Journey Analytics
AML/KYC/
Insider Trading
Vulnerability,
Impact
Analysis,
Logistics
MetaData,
Data Lineage
AI/ML, NLP,
Chatbot,
Human Capital
Mgt.
Entitlement,
Offers,
Provisioning
21. Cyber Security with Neo4j
To be successful at cybersecurity, analysts must keep track of large amounts of detailed information. This
includes examining and tracking network and endpoint vulnerabilities, reviewing firewall configurations to
ensure vulnerable systems are not exposed and tracking an ongoing deluge of intrusion detection events
that necessitate responses.
In order to determine the appropriate response to an alert, several questions need to be answered:
• Is the threat legitimate?
• What does it really mean if an alert happens to be true?
• Is it related to a system that needs to be protected?
• Is it a system that ultimately could be used as a gateway that leads to a critical service in my
enterprise?
22. Attack Path Monitoring
1. Your Network is a Graph, whether it is in the
cloud, or on premise, you can import your entire
network into Neo4j
2. Exposures can be in the Graph also
1. Open Ports
2. Unpatched OS (Windows, Linux, etc.)
3. Applications using compromised libraries that
need to be patched or updated
4. Are there open CVE that need to be patched
5. Users with excessive rights into too many
systems and applications
23. Neo4j – Impact Analysis
1. Affects of System Unavailability
2. Who is Affected
3. Who can help correct
24. Analyze OS and Application Risks
1. Neo4j queries can look multiple hops out
from a CVE, Container, Application, or any
other resource to see what is the impact.
2. Impact of unpatched Operating Systems.
3. Analyze vendor software for vulnerabilities
to mitigate risks