Graph databases, CQRS and event sourcing are not just buzzwords when it comes to CrowdStrike’s Knowledge Base.
This system feeds the Indicators API, a core component for our customers who use the Intelligence product line.
We also offer capabilities for our internal teams (Intelligence Analysts, Data Science teams) to model custom views of the data we expose in the graph and to perform queries over it.
Everything is driven by a DSL, which allows graph representations to be denormalized, written and read on the fly. We will cover all of these details in depth in our presentation.
Join our talk to discover the journey of how we managed to model and perform searches on a distributed graph for indicators of compromise.