GraphAware’s client is a cyber defence company dedicated to protecting critical infrastructure and vital industry for national security purposes by combining open-source and commercially available intelligence. With the aim of monitoring, preventing, and predicting cyber attacks on various systems and infrastructure, the company deployed GraphAware Hume, a graph-powered intelligence analysis platform, to ingest all available data and discover threat patterns.
Using the platform to create a single view of intelligence allows analysts to investigate and track threat patterns, collaborating on a unified canvas that connects technical details with contextual information, like political threat levels.
It’s the best product we have encountered on the market that has a strong internal amount of creativity and allows you to maintain control.— Data Science Lead
Connecting interests with threat tactics across disconnected data
The client faced two major challenges: connecting existing data from various sources and integrating new data streams into a single collaborative tool.
The goal was to connect, structure, and match data in a single view of intelligence so that information can be shared among multiple teams, from intelligence analysts to political analysts.
The client’s team also needed a way to bi-directionally navigate their data, to be able to identify actions that might be connected in the inherently hybrid nature of such attacks. For example, an attack could come from a military-adjacent hacking group, or an unknown individual. The ability to rapidly connect similar attacks via indicators of compromise, malware, or known associates enables faster response times.
The company’s goal was to leverage GraphAware’s extensive experience with graph-powered intelligence analysis to integrate all levels of intelligence, identify threats and vulnerabilities, and ultimately alert stakeholders to prevent hybrid attacks.
Constantly maintained and up-to-date intelligence
GraphAware Hume’s flexibility allowed the company’s team to fully use their independence and creativity in creating a unified view of intelligence from all siloed and diverse data sources.
The combination of advanced experience in graphs and machine learning from both the client and GraphAware resulted in a fully tailored solution that met the company’s unique needs.
The platform allowed users to build their own advanced queries, allowing them to naturally understand and interrogate data coming from various sources in real time. The company considered this independence and flexibility lacking in other solutions and providers
Through Hume Orchestra, all the data in the knowledge graph is constantly maintained as an up-to-date to model of the reality of threats and security. Intelligence analysts across the agency can rapidly share their newly acquired intelligence.
We’re the fastest data integration team in the organisation thanks to Hume Orchestra!
Act on threats before they become a problem
The main goal of having a joint, single-source tool which ingested, connected, and matched the threat data was achieved. The solution was implemented on schedule, and brought significant value to the teams within 6 months.
The graph-powered intelligence analysis platform means the company can identify threats and connect malicious actors more efficiently and effectively within teams. Work that took a week now takes a day, allowing the agency to enact advanced analysis for all customers, with a very small team.
This has resulted in a significant boost in reputation: the agency is now seen as the go-to source for answers to complex technical and political questions, with rapid, demonstrably factual opinion forming. The agency’s most top-level goals are now more achievable: better security for the nation, by having the intelligence capability to act on threats before they become a problem. They anticipate increasing the solution’s impact further over time.
We can warmly recommend working with the GraphAware team and their product Hume. Hume has already met our initial requirements and we are confident it will meet the extended requirements whereas Hume is constantly evolving in unison with our own requirements.