Grapl: Graph-Based Detection and Response with Colin O’Brien

A large software company such as Dropbox is at constant risk of security breaches. These breaches can take the form of social engineering attacks, network breaches, and other malicious adversarial behavior. This behavior can be surfaced by analyzing collections of log data.

Log-based threat response is not a new technique. But how should those logs be analyzed? Grapl is a system for modeling log data as a graph, and analyzing that graph for threats based on how nodes in the graph have interacted. By building a graph from log data, Grapl can classify interaction patterns that correspond to threats.
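The idea of joining separate log records into a graph and matching an interaction pattern across its edges can be sketched as follows. This is an added example, not Grapl's code or API; the event fields, the image names in the pattern, and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events (not real telemetry); field names are assumptions.
EVENTS = [
    {"type": "process_start", "host": "ws1", "pid": 100, "ppid": 1, "image": "explorer.exe"},
    {"type": "process_start", "host": "ws1", "pid": 200, "ppid": 100, "image": "winword.exe"},
    {"type": "process_start", "host": "ws1", "pid": 300, "ppid": 200, "image": "powershell.exe"},
    {"type": "net_connect", "host": "ws1", "pid": 300, "dst": "203.0.113.7:443"},
    {"type": "process_start", "host": "ws1", "pid": 400, "ppid": 100, "image": "powershell.exe"},
    {"type": "net_connect", "host": "ws1", "pid": 400, "dst": "203.0.113.9:443"},
]

def build_graph(events):
    """Turn flat log records into process nodes and typed edges.

    Nodes are keyed by (host, pid). A production system must also handle
    pid reuse (for example with timestamps); this sketch does not.
    """
    nodes, edges = {}, defaultdict(list)
    for ev in events:
        key = (ev["host"], ev["pid"])
        if ev["type"] == "process_start":
            nodes[key] = ev["image"]
            edges[(ev["host"], ev["ppid"]), "spawned"].append(key)
        elif ev["type"] == "net_connect":
            edges[key, "connected_to"].append(ev["dst"])
    return nodes, edges

def find_pattern(nodes, edges, parents=("winword.exe",), children=("powershell.exe",)):
    """Match parent -spawned-> child -connected_to-> address.

    No single log line contains this pattern; it only exists once the
    three records are linked through shared process nodes.
    """
    hits = []
    for parent, image in nodes.items():
        if image not in parents:
            continue
        for child in edges.get((parent, "spawned"), []):
            if nodes.get(child) in children:
                for dst in edges.get((child, "connected_to"), []):
                    hits.append((parent, child, dst))
    return hits

if __name__ == "__main__":
    for hit in find_pattern(*build_graph(EVENTS)):
        print("match:", hit)
```

The second `powershell.exe` process (pid 400) makes an identical-looking network connection but is not flagged, because its parent in the graph is `explorer.exe` rather than a document application.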

Colin O’Brien is the creator of Grapl, and he joins the show to discuss security, as well as threat detection and response.
