QOMPLX: Using ScyllaDB with JanusGraph for Cybersecurity

QOMPLX, a company focused on cybersecurity, has leveraged the capabilities of graph databases and partnered with Expero to implement JanusGraph with ScyllaDB as a storage layer to address evolving cybersecurity threats. By ingesting data from Microsoft Active Directory into graph representations, QOMPLX's Q:CYBER platform enhances the ability of cybersecurity analysts to detect potential attack paths and vulnerabilities in networks. The platform's graph canvas allows for interactive exploration of network data, aiding analysts in understanding potential security breaches and the "blast radius" of vulnerabilities. The architecture involves a collector service for data ingestion, using various data stores like ScyllaDB, Apache Spark, and Elasticsearch to accommodate different analytics needs. Expero's Brian Hall highlighted challenges in graph analytics, such as computational expense and managing multiple graphs, which led to developments like BoostGraph for specific computations and revisions to JanusGraph. The integration of monitoring tools like Prometheus and Grafana ensures data consistency across platforms, with ScyllaDB noted for its reliability in this multi-technology setup.