Security Management of Threats with CyberGraph
摘要
Tracking software vulnerabilities, with the increasing complexity of system architectures, is a hard but fundamental task that requires developers to be up-to-date with different knowledge domains. The publishing of vulnerabilities, the techniques used in their exploitation, and the measures that can be taken to mitigate them, are information provided through different data sources. We developed CyberGraph to gather this information in a single graph database and extended it with real-time data from other threat intelligence tools. In this work we present the update done to the CyberGraph structure and new possible use cases to leverage its expanded data source assimilation and linking of different repositories. The resulting dataset and web application allows users to simplify analysis of existing software ecosystems and domains in order to track possible vulnerabilities and gather information on attack patterns and mitigation that can be applied to them.