Starbase: open source graph security analysis

Presented at DEF CON 31 (2023), Aug. 12, 2023, 2 p.m. (240 minutes)

Security teams are overwhelmed with data. How does a user account relate to a server, an application? Does this vulnerability put this important data at risk, or does it simply expose a few systems we care about much less? Who really has access to these files? This is vulnerable, but the firewall won’t let traffic to the service, or will it? These types of questions are very difficult to answer in a vacuum as they require context. With the power of graphs, and Starbase, an open source graph security analysis tool, we will be able to import the data that allows us to answer them using the graph. John Lambert said “Defenders think in lists, attackers think in graphs”. Join us, so we can get a lot more people thinking in graphs! Skill Level: Intermediate Prerequisites for students: Ability to use Docker when provided with commands. Basic understanding of IT and security issues in cloud environments. Materials or Equipment students will need to bring to participate: A laptop with Docker as well as a few docker images pulled in advance. Due to the brittle nature of conference Wi-Fi, we’ll send instructions in advance, so as many people as possible will have downloaded it.

Presenters:

• Adam Pierson
  Adam Pierson is a Senior Software Engineer at JupiterOne. His diverse experience includes time as an embedded software engineer, an R&D analyst working on adopting emerging technologies within large corporate IT environments, and as a developer demonstrating the value of using graph databases to solve complex problems. Currently he is on JupiterOne’s Integration team working on development tools and continuing work on the open-source Starbase project.
• Austin Kelleher
  Austin Kelleher is a Principal Software Engineer as well as a founding member at JupiterOne. He leads the team responsible for maintaining 100+ open-source projects at JupiterOne. His background has primarily been focused on developing cloud-based software systems and tools that interact with graphs for security analysis. Prior to moving to the security industry, Austin was an engineer at eBay building Marko and Lasso, which are the open-source web tools that power the eBay.com web experience.
• Guillaume Ross - JupiterOne
  Guillaume has worked on the blue-team side of security for close to two decades now, and loves to do things because they MATTER and not just because everyone else in security is doing the same. He leads the security and IT teams at JupiterOne.

Similar Presentations:

• 32C3 (2015) / Graphs, Drones & Phones: The role of social-graphs for Drones in the War on Terror.
• ShmooCon XIII (2017) / I Have a Graph Database. Now What?
• Black Hat Asia 2018 / Breaking the Attack Graph: How to Leverage Graphs to Strengthen Security in a Domain Environment