This talk was recorded at NDC Security in Oslo, Norway.

While most tools show us events as tables, analyzing them as graphs and vector embeddings changes how we can approach investigation tooling and detection engineering. The core of our talk looks at the methods and tools behind our first-place finish in the US Cyber Command's Alert AI Challenge. By combining some of our favorite graph, AI, and GPU techniques into a single pipeline, we were able to reduce alert volumes in a fusion center covering ISPs and universities by 97% and create more useful situational awareness views for prioritization and interactive investigations. We will also touch on how we have been using LLMs & AI to further automate our graph workflows in more recent projects, such as zero-trust identity monitoring & investigations.

Key Points:
* Start thinking differently about how events can be used for investigations and detections
* Learn how modern graph AI techniques like hypergraphs, UMAP, graph neural networks, GPU ETL, and GPU feature engineering fit together
* Free & OSS: Get a feel for how tools like Jupyter Notebooks, Nvidia RAPIDS, PyGraphistry[AI], DGL/PyG, and cu_cat can boost your own workflows