Gartner® Emerging Tech: Optimize Threat Detection With Knowledge Graph Databases

27 Jun 2024

In May 2024, Gartner published its research Emerging Tech: Optimize Threat Detection With Knowledge Graph Databases.

As per the Gartner report, “Security product leaders are employing graph databases to increase threat detection fidelity by using the structural capabilities, speed and scalability to train AI models to analyze complex entity and action relationships”.

Download the complimentary report.

[Figure: The threat detection foundational graph architecture]

Graph-Based Threat Investigation Innovation

Defants was mentioned in the Gartner report as a company that participated in the research.

At Defants, we developed Defants vSIRT, our threat investigation platform, recognizing early the critical role of graph databases in detecting advanced attacker methods. Our approach enables complex behavioral correlations and in-depth security relationship analysis.

By integrating MITRE ATT&CK techniques into our knowledge graph, we enhance our ability to anticipate and counter threats, which we believe aligns with the Gartner recommendation to establish a competitive edge in their ability to detect threats through the use of a graph database to enable complex behavioral correlation, analysis and threat detection.

What the experts say:

Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win

John Lambert

Key points

  • Security product leaders are employing graph databases to increase threat detection fidelity by using the structural capabilities, speed and scalability to train AI models to analyze complex entity and action relationships.
  • Establish a competitive edge in their ability to detect threats through the use of a graph database to enable complex behavioral correlation, analysis and threat detection.
  • Security product leaders that base detection processes on a linear list approach and not on a graph relational approach will be limited in detecting advanced attacker methods.

Gartner, Inc. Emerging Tech: Optimize Threat Detection With Knowledge Graph Databases. Travis Lee. 29 May 2024.

GARTNER® is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission.
All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

ABOUT DEFANTS

Founded in 2021, Defants is a cybersecurity startup based in Rennes that develops a platform specialized in DFIR (Digital Forensics and Incident Response). Defants was recognized as a Cool Vendor by Gartner just months after announcing its pre-seed fundraising of two million euros. The company’s flagship product, Defants vSIRT, is an automated and collaborative DFIR platform that uses semantic investigation to accelerate incident response and enhance threat hunting capabilities.