Viewing 0 current events matching “graphs” by Event Name.

Sort By: Date Event Name, Location , Default
No events were found.

Viewing 3 past events matching “graphs” by Event Name.

Sort By: Date Event Name, Location , Default
Tuesday
Dec 16, 2014
GraphAcademy: Graph Data Modeling with Neo4j
Portland Code School

This course teaches how to design and implement a graph data model and associated queries. With a mixture of instruction and hands-on practice sessions, you’ll learn how to apply the property graph model to solve common modeling problems. You’ll also learn how to evolve an existing graph in a controlled manner to support new or changed requirements.

Website
Tuesday
Nov 25, 2014
GraphAcademy: Neo4j Fundamentals
Portland Code School

This course helps build a good knowledge of graph databases. It also teaches the core functionality of the Neo4j graph database. With a mixture of theory and hands-on practice sessions, you will quickly learn how easy it is to work with a powerful graph database using Cypher as the query language

Website
Tuesday
Aug 13, 2019
Portland OWASP: Using Graph Theory to Understand Security with Tim Morgan
Simple

Using Graph Theory to Understand Security

Information security is hard. It must be, because we keep getting hacked. One aspect that makes it so difficult is the level of complexity that exists in even a modestly-sized digital infrastructure. Humans can consider only so many security relationships, trust boundaries, and attack scenarios at once. This complexity makes it hard to decide where to focus our defensive resources and we're regularly led astray by the latest shiny tool or security advisory. Remarkably, our adversaries actually have a similar challenge: once a digital intruder gains a foothold in an environment that is completely new to them, how do they know what next steps they should take to efficiently achieve their goal? The environments they attack are not only complex, they are also unexplored landscapes that must be mapped out.

This is where graph theory can lend a hand. Several open source tools, such as BloodHound and Infection Monkey, provide intruders (whether that be your friendly neighborhood pentester or your adversaries) with easy ways to map out infrastructures and identify the quickest path to your crown jewels. While this is certainly alarming, we can also use these tools ourselves to find out what our infrastructures look like in the eyes of an attacker.

In this talk, Tim will provide a brief introduction to graph theory, show some demos of the free tools that use it, and discuss how he is using these techniques to build automated threat models "at scale" to make defenders' lives easier.

Speaker: Timothy Morgan

After earning his computer science degrees (B.S., Harvey Mudd College and M.S., Northeastern University) and spending a short time as a software developer, Tim began his career in application security and vulnerability research. In his work as a consultant over the past 14 years, Tim has led projects as varied as application pentests, incident response, digital forensics, secure software development training, phishing exercises, and breach simulations. Tim has also presented his independent research on Windows registry forensics, XML external entities attacks, web application timing attacks, and practical application cryptanalysis at conferences such as DFRWS, OWASP's AppSec USA, BSidesPDX, and BlackHat USA.

For the past three years Tim has been building an innovative new risk-based vulnerability management product (DeepSurface) that helps his customers gain a much deeper understanding of the complex relationships present in their digital infrastructures. Visit kanchil.com to learn more about Tim's latest R&D effort.

Website