A large software company such as Dropbox is at a constant risk of security breaches. These security breaches can take the form of social engineering attacks, network breaches, and other malicious adversarial behavior. This behavior can be surfaced by analyzing collections of log data.

Log-based threat response is not a new technique. But how should those logs be analyzed? Grapl is a system for modeling log data as a graph, and analyzing that graph for threats based on how nodes in the graph have interacted. By building a graph from log data, Grapl can classify interaction patterns that correspond to threats.

Colin O’Brien is the creator of Grapl, and he joins the show to discuss security, as well as threat detection and response.

Sponsorship inquiries: [email protected]

The post Grapl: Graph-Based Detection and Response with Colin O’Brien appeared first on Software Engineering Daily.